Fraud, waste, and abuse compliance program.

Fraud, Waste, and Abuse
Compliance Program
January 2012Table of Contents
Glossary of Important Terms .......................................................................................................... i
PART I. Description of the Fraud, Waste and Abuse Compliance Program ................................. 1
A. Purpose ....................................................................................................................................... 1
B. Application .................................................................................................................................. 1
C. OSEEGIB as a PDP Sponsor ........................................................................................................... 1
D. Structure ..................................................................................................................................... 2
E. Core Elements .............................................................................................................................. 2
F. Scope ........................................................................................................................................... 3
G. Limitations .................................................................................................................................. 3
PART II. Code of Conduct ............................................................................................................... 4
A. Commitment of OSEEGIB ............................................................................................................. 4
B. Appointment of Compliance Officer ............................................................................................ 4
C. Laws, Rules, Regulations and Policies .......................................................................................... 4
D. Remedies for Non-Compliance .................................................................................................... 9
PART III. Fraud, Waste and Abuse Detection, Correction, Prevention and Compliance Plan .. 11
A. Policies and Procedures ............................................................................................................. 11
B. Responsibility for PBM ............................................................................................................... 12
C. Compliance Officer and Compliance Committees ..................................................................... 12
D. Training and Education .............................................................................................................. 16
E. Effective Lines of Communication ............................................................................................. 18
F. Disciplinary Standards and Hiring Criteria ................................................................................. 20
G. Procedures for Internal Monitoring and Auditing of Fraud, Waste and Abuse ........................ 22
H. Responding to Possible or Detected Violations ........................................................................ 24 i
Glossary of Important Terms
These terms will have the following meanings throughout the Oklahoma State and Education Employees Group Insurance Board’s Compliance Program:
Audit. A formal review of compliance with internal (e.g., policies and procedures) and external (e.g., laws and regulations) standards.
Business Associate. A third party acting as a fiduciary on behalf of OSEEGIB either through contract or by law in performing a function or activity regulated by HIPAA.
CMS. Centers for Medicare and Medicaid Services, an agency under the Department of Health and Human Services.
Code of Conduct. Standards adopted by OSEEGIB stating the ethical requirements for OSEEGIB’s employees and agents, with a commitment to comply with all federal and state standards and an emphasis on preventing fraud and abuse.
Compliance Program. Standards and procedures to be followed by OSEEGIB’s employees and its agents that are reasonably capable of reducing the prospect of criminal conduct and which incorporate the seven basic components of such a program as specified by the Office of Inspector General.
Covered Persons. OSEEGIB employees or any person or entity acting as a fiduciary on behalf of OSEEGIB either through contract or by law. Covered Persons specifically include those employees and persons or entities who perform services or act in any manner for or on behalf of OSEEGIB in the administration of the Medicare Part D Prescription Drug Plan.
Excluded Individual and Entity. (See 42 USCA § 1320a-7). An individual or entity who:
a. is currently excluded, debarred, suspended, or otherwise ineligible to participate in the federal health care programs or in federal procurement or non-procurement programs; or
b. has been convicted of a criminal offense that falls within the ambit of 42 USCA § 1320a-7(a), but has not yet been excluded, debarred, suspended, or otherwise declared ineligible.
Exclusion Lists. Electronic lists of excluded individuals or entities maintained by the federal Office of Inspector General (OIG) and General Services Administration (GSA) per 42 USCA § 1320a-7.
Federal Health Care Programs. As defined in 42 U.S.C. Section 1320a-7b(f), include any plan or program that provides health care benefits to any individual, whether directly, through ii
insurance, or otherwise, which is funded directly, in whole or in part, by a United States Government or state health care program, including, but not limited to, Medicare, Medicaid, Civil Health and Medical Program for the Uniformed Services (CHAMPUS), Department of Veterans Affairs (VA), Federal Bureau of Prisons, and Indian Health Services, but excluding the Federal Covered Persons Health Benefit Program (FEHBP). This specifically includes the Medicare Part D Prescription Drug Program sponsored by OSEEGIB under contract with CMS.
FWA. Fraud, waste and abuse.
Governing Board. Eight individuals who constitute the governing body of OSEEGIB as set out in Oklahoma Statutes Title 74 § 1304.
HIPAA. The Health Insurance Portability and Accountability Act of 1996, as amended.
MEDIC. Medicare Drug Integrity Contractor working with CMS.
Management. OSEEGIB employees who hold an office of trust, authority, or command.
MMA. Medicare Prescription Drug, Improvement and Modernization Act of 2003 (P.L. 108-173).
OIG. Office of Inspector General of the United States Department of Health and Human Services.
OSEEGIB. The Oklahoma State and Education Employees Group Insurance Board, a division of the Office of State Finance, which is an agency of the State of Oklahoma.
PBM. Pharmacy Benefits Manager.
PDP. A Prescription Drug Plan as established by the MMA under Medicare Part D.
Regulatory Compliance Committee. The committee consisting of three members of the Governing Board appointed by the Chairman of the Governing Board to oversee the Compliance Program.
Staff Compliance Committee. A committee consisting of OSEEGIB employees responsible for providing support to the Compliance Officer in the creation, implementation and operation of the Compliance Program.
TPA. Third Party Administrator1
PART I. Description of the Fraud, Waste and Abuse Compliance Program
A. Purpose
The Oklahoma State and Education Employees Group Insurance Board (OSEEGIB) has adopted the Fraud, Waste and Abuse Compliance Program (Compliance Program) to reaffirm OSEEGIB’s commitment to conducting its business in full compliance with applicable statutes, regulations, federal health care program requirements including the sponsorship of a Medicare Part D Prescription Drug Plan (PDP) under contract with the Centers for Medicare and Medicaid Services (CMS), pursuant to the Medicare Prescription Drug, Improvement, and Modernization Act (MMA) as it relates to the provision or denial of insurance benefits. The Compliance Program provides a solid framework for structuring a comprehensive range of compliance activities that are designed to:
1. avoid legal and compliance problems in the first instance;
2. effectively address compliance allegations as they arise;
3. remedy the effects of noncompliance;
4. identify and remove Fraud, Waste, and Abuse (FWA);
5. provide Covered Persons and the general public with an official statement of how OSEEGIB must and will conduct business;
6. provide a coordinated reporting structure between OSEEGIB, its subcontractors, and enforcement authorities; and
7. comply with OSEEGIB’s contractual obligation to CMS as a PDP sponsor.
B. Application
The Compliance Program applies to all health, dental, life and disability plans sponsored by OSEEGIB.
C. OSEEGIB as a PDP Sponsor
OSEEGIB has contracted with CMS to sponsor a PDP exclusively for its Medicare eligible retirees and their dependents. In so doing, OSEEGIB committed to fully complying with all the terms and conditions of its contract with CMS, including the Compliance Program requirements found at 42 CFR § 423.503(b)(4)(vi), and Chapter 9 of the Prescription Drug Benefit Manual located at www.cms.gov. OSEEGIB’s commitments to CMS are included as an integral part of this Compliance Program.2
D. Structure
This Compliance Program document consists of three (3) parts:
1. Part I. Description of the Compliance Program;
2. Part II. Code of Conduct; and
3. Part III. Fraud, Waste and Abuse Detection, Correction, Prevention and Compliance Plan.
E. Core Elements
The Compliance Program reflects OSEEGIB’s good faith commitment to identify and reduce risk and FWA. It also reflects the commitment to improve internal controls, and establish standards to which OSEEGIB shall adhere. As such, OSEEGIB adopts the following principles of compliance:
1. developing and distributing a written Code of Conduct, as well as written policies and procedures that promote OSEEGIB’s commitment to compliance, to provide general and specific operational guidance, and identify specific areas of risk and FWA;
2. designating a Compliance Officer and Compliance Committee charged with the responsibility of operating and monitoring the Compliance Program, including activities relating to the detection of FWA;
3. developing, implementing, and monitoring regular, effective education and training programs for Covered Persons regarding the Compliance Program and the detection of FWA and making the general public aware of the same;
4. developing effective lines of communication between the Compliance Officer, Covered Persons and members of the Compliance Committees;
5. maintaining an effective and well-publicized disclosure program to provide guidance and receive complaints about potential Compliance Program violations and FWA without fear of retaliation;
6. developing disciplinary standards and appropriate hiring criteria to respond to allegations of improper or illegal activities, and carrying out the equitable enforcement of these standards on Covered Persons who have violated laws, regulations, PDP and other federal health care program requirements or the Compliance Program standards;
7. maintaining effective auditing and monitoring systems and protocols to evaluate OSEEGIB’s and its TPA’s compliance with laws, regulations, PDP and other federal health care program requirements and the Compliance Program standards, to assist in the prevention of Compliance Program violations, and to maintain the efficacy of the Compliance Program; and
8. investigating, responding to and preventing identified compliance problems, FWA, including establishing appropriate and coordinated corrective action measures with the assurance that 3
OSEEGIB can take appropriate corrective actions according to any circumstances or problems that may arise.
F. Scope
These Compliance Program standards shall apply to Covered Persons affiliated with OSEEGIB throughout its diverse operations. It is the responsibility of Covered Persons to be familiar and comply with all requirements of the Compliance Program that pertain to their respective areas of responsibility and recognize and avoid actions and relationships that might violate those requirements.
G. Limitations
The Compliance Program is not intended to summarize all laws and regulations applicable to OSEEGIB. This Compliance Program is a policy of OSEEGIB that will be updated periodically to assure that Covered Persons are kept informed of current legal and compliance developments in the health care industry. Any doubts whatsoever as to the appropriateness of a particular situation, whether or not the situation is described within this Compliance Program, should be submitted either to an immediate supervisor, management, OSEEGIB’s Human Resources director, OSEEGIB’s Compliance Officer, OSEEGIB’s legal counsel, OSEEGIB’s compliance toll free hot line at 1-866-381-3815, or OSEEGIB’s website at http://www.ok.gov/sib/Fraud,_Waste,_and_Abuse.html.4
PART II. Code of Conduct
A. Commitment of OSEEGIB
OSEEGIB is committed to:
1. conducting its business in accordance with the highest standards of ethical conduct;
2. conducting its business activities with integrity and in full compliance with the federal, state and local laws governing its business; and
3. complying with all federal and state regulatory requirements related to the Medicare programs, including but not limited to the Anti-Kickback Statutes and False Claims Act and the detection, correction and prevention of FWA.
This commitment applies to relationships with its members, enrollees, federal, state and local governments, vendors, competitors, auditors and all public and government bodies. Most importantly, it applies to all Covered Persons.
B. Appointment of Compliance Officer
To protect OSEEGIB’s reputation and to assure uniformity in standards of conduct, OSEEGIB has established this Code of Conduct as a part of its Compliance Program. A Compliance Officer has been appointed to:
1. implement compliance with the Compliance Program;
2. serve as a contact for Covered Persons and the general public to report any potential violations of laws, regulations or this Compliance Program; and
3. ensure appropriate action against violators of any such laws, regulations or this Compliance Program.
C. Laws, Rules, Regulations and Policies
The intent of this Compliance Program is to ensure that every Covered Person acknowledges the proper standards of conduct and conforms his or her conduct to all applicable laws, rules and regulations. OSEEGIB is committed to continually monitoring and updating its Compliance Program to incorporate any modifications to applicable standards. These laws and other standards include, but are not limited to, the following relevant concepts set out under the cited code and OSEEGIB’s cited agency policy.5
Civil and Criminal False Claims (42 U.S.C. §§ 1320a-7a & 1320a-7b). Covered Persons shall not knowingly and/or willfully make or cause to be made any false statement or representation of material fact in any claim or application for benefits under any federal health care program or health care benefit program. Covered Persons shall not knowingly present a claim to any federal health care program or health care benefit program for an item or service the person knows or should have known, was not provided, was fraudulent, or was not medically necessary. No claim for an item or service shall be submitted that is based on a code that the person knows or should know will result in greater payment than the code the person knows or should know is applicable to the item or service actually provided. Covered Persons shall not give or cause to be given any information with respect to coverage of inpatient services which that person knows is false and could influence the decision regarding when to discharge an individual from any health care facility. Covered Persons shall not offer to transfer, or transfer, any remuneration to a beneficiary under a federal health care program, that the person knows or should know is likely to influence the beneficiary to order and/or receive any item or service from a particular provider, practitioner, or supplier, for which payment may be made, in whole or in part, under a federal health care program. Remuneration includes the waiver of coinsurance and deductible amounts except as otherwise provided, and transfers of items or services for free or for less than fair market value. Examples of prohibited conduct include, but are not limited to: misrepresenting services which were rendered; falsely certifying that services were medically necessary; "up-coding"; billing for services not actually rendered; making false statements to governmental agencies about OSEEGIB’s compliance with any state or federal rules; and, failing to refund overpayments made by a federal health care program.
Anti-Kickback Act (42 U.S.C. §1320a-7b(b)) and Anti-Kickback Act of 1974 (74 O. S. 1991, § 3401, et seq. ). Covered Persons shall not knowingly and/or willfully solicit, offer to pay, pay, or receive, any remuneration, either directly or indirectly, overtly or covertly, in cash or in kind, in return for:
a. Referring an individual to a person for the furnishing, or arranging for the furnishing, of any item or service for which payment may be made, in whole or in part, under any federal health care program;
b. Purchasing, leasing, ordering, or arranging for, or recommending the purchasing, leasing, or ordering of any goods, facility, service or item for which payment may be made in whole or in part, under any federal health care program; or
c. Remuneration may include kickback payments, bribes, or rebates.
Exclusion from Federal Health Care Programs (42 USC 1320a-7). Individuals or entities convicted for a program related crime, a criminal offense relating to patient abuse or neglect, a felony offense related to health care fraud, or a felony offense related to controlled substances must be excluded from Medicare and Medicaid for a minimum of 5 years.
Ethics in Patient Referrals Act of 1989 (42 U.S.C. §1395nn). Covered Persons who have an ownership and/or compensation relationship in non-excluded entities shall not refer a patient in need of designated health services for which payment may be made under Medicare or Medicaid to such entities with which they have a financial relationship.6
Health Care Fraud (18 U.S.C. §1347). Covered Persons shall not knowingly or willfully execute or attempt to execute, a scheme or artifice to: defraud any health care benefit program; or obtain, by means of false or fraudulent pretense, representation, or promise any of the money or property owned by or under the custody or control of any health care benefit program, in connection with the delivery of, or payment for, health care benefits, items, or services.
Criminal False Statements Related to Health Care Matters (18 U.S.C. §1035). Covered Persons shall not knowingly and willfully make or use any false, fictitious, or fraudulent statements, representations, writings or documents, regarding a material fact in connection with the delivery of, or payment for, health care benefits, items or services. Covered Persons shall not knowingly and willfully falsify, conceal or cover up a material fact by any trick, scheme or device.
Federal Civil False Claims Act (31 U.S.C. §§3729-3733 as amended). Covered Persons shall not:
a. Knowingly file a false or fraudulent claim for payments to a governmental agency, or health care benefit program;
b. Knowingly use a false record or statement to obtain payment on a false or fraudulent claim from a governmental agency or health care benefit program;
c. Knowingly conceal or improperly avoid or decrease an obligation to pay or transmit money or property to a governmental agency or health care benefit program; or
d. Conspire to defraud a governmental agency or health care benefit program by attempting to have a false or fraudulent claim paid.
Examples of false or fraudulent claims include, but are not limited to, double billing, upcoding, unbundling, submitting or processing claims for items or services not provided, submitting or processing claims for items or services not medically necessary, and billing for non-covered services.
Criminal False Claims Act (18 U.S.C. § 286, §287). Covered Persons shall not knowingly make any false, fraudulent or fictitious claim against a governmental agency or health care benefit program. Conspiring to defraud a governmental agency or health care benefit program is prohibited.
Criminal Wire and Mail Fraud (18 U.S.C. §1341, §1343). Covered Persons shall not devise and/or implement a scheme to defraud a governmental agency or health care benefit program, which uses the U.S. Postal Service, private postal carriers or telephone lines to perpetrate the fraud.
Criminal False Statement Act (18 U.S.C. §1001). Covered Persons shall not knowingly and willfully falsify or make any fraudulent, false or fictitious statement against a governmental agency or health care benefit program.
Theft or Embezzlement in Connection with Health Care (18 U.S.C. §669). Covered Persons shall not embezzle, steal or otherwise, without authority, convert to the benefit of another person, or intentionally misapply money, funds, securities, premiums, credits, property, or other assets of a health care benefit program.7
Obstruction of Criminal Investigations of Health Care Offenses (18 U.S.C. §1518). Covered Persons shall not willfully prevent, obstruct, mislead, delay, or attempt to prevent, obstruct, mislead or delay the communication of information or records relating to a violation of a federal health care offense to a criminal investigator.
Criminal Conspiracy (18 U.S.C. §371). Covered Persons shall not conspire to defraud any governmental agency or health care benefit program in any manner or for any purpose.
RICO and Money Laundering Acts (18 U.S.C. §1956, §1961 et. seq.). Covered Persons shall not use any income obtained from mail or wire fraud to operate any enterprise. In addition, Covered Persons shall not use the proceeds of wire or mail fraud in financial transactions, which promote the underlying fraud.
Equal Employment Opportunity and Affirmative Action (OSEEGIB Agency Policy 004). OSEEGIB’s policy is to continuously provide equal employment and advancement opportunities in all job classifications without regard to political opinion or affiliation, race creed, gender, age, color, national origin, or physical handicap, so long as the physical handicap does not render the person unable to perform the essential functions of the job, with or without an accommodation, for which he/she is employed.
Confidentiality and Security of Information under HIPAA, HITECH, 24 O.S. § 161, 74 O.S. § 1322 and OSEEGIB Policy 102. Oklahoma Statutes, OSEEGIB Rules, HIPAA Regulations, and individual confidentiality agreements with OSEEGIB mandate that each employee, business associate, contractor, intern, or anyone with access to employee or member confidential information protect the privacy and confidentiality of that information and not release that information without written consent, subpoena or court order. Covered Persons must report disclosures of confidential information immediately to employees’ supervisors (if applicable) and OSEEGIB’s Compliance Officer. OSEEGIB’s Compliance Officer will determine what additional action should be taken.
Drug/Alcohol Free Workplace (OSEEGIB Policy 502). All OSEEGIB employees are prohibited from unlawfully manufacturing, distributing, dispensing, processing, and/or using drug/alcohol controlled substances in or on all state government facilities, property or workplaces, or while conducting business for OSEEGIB.
Ethical Conduct at 74 O. S. § 1305(5) and OSEEGIB Policy 504. During working and non-working hours, all agency personnel will ensure that their actions, activities and conduct are in accordance with the ethical requirements of all laws, rules, regulations, and policies applicable to the agency which governs the ethical conduct of agency employees. No agency employee shall solicit, agree to accept, or accept any bribe, gratuity, favor, or anything of value given, offered, or promised for the purpose of influencing their official act, decision, or judgment; or that may have the appearance of such actions.
No personal business is to be conducted by any employee during working hours or at any other time in Agency offices. State telephones, vehicles, calculators, computers, word processors, copiers, supplies, office space or any other equipment or facilities provided by the State for the business of the Agency shall not be used for personal business by Covered Persons, relatives, friends or associates.8
Sexual Harassment (OSEEGIB Policy 507). Sexual harassment is discrimination on the basis of gender (sex). It includes, but is not limited to, unwelcome sexual advances, requests for sexual favors, or other verbal or physical conduct of a sexual nature. No officer or employee of any agency shall permit or engage in sexual harassment. OSEEGIB has a zero tolerance standard for sexual harassment in the work place. This includes agency employees, TPAs, vendors, or other consultants and outside contractors.
Workplace Violence (OSEEGIB Agency Policy 514). OSEEGIB prohibits violent acts or any conduct that may lead to violence, by any agency employee, guest, member or third party contractor.
Additionally:
a. Covered Persons must not cause another Covered Person, entity or general public to violate these standards, whether through inducement, suggestion or coercion.
b. Conflict of Interest. Covered Persons must certify that there is no conflict of interest. Certification is required at time of hire or contract, and annually thereafter.
c. Marketing and Member Service Activities. It is OSEEGIB’s policy to offer only honest, straightforward, fully informative and nondeceptive information when conducting marketing activities. It is in the best interests of members, OSEEGIB and payers alike, for members, physicians, pharmacists, dentists, insurance coordinators, and other referral sources to understand fully the benefits offered by OSEEGIB, and the potential financial consequences if OSEEGIB’s
a. Benefits are selected. Therefore, Covered Persons shall not distort the truth, make false claims, engage in fraudulent comparative analysis or attack or disparage another health, dental or pharmacy plan. OSEEGIB monitors marketing activities that involve the distribution of promotional materials to members or third parties that may have monetary value to evaluate compliance with the relevant policies.
d. Contract Negotiation. OSEEGIB has an affirmative duty to disclose current, accurate and complete cost and pricing data where such data is required under appropriate federal or state law or regulation. Covered Persons involved in the pricing of contract proposals or in the negotiation of a contract must ensure the accuracy, completeness and currency of all data generated and given to supervisors and other employees. Furthermore, all representations made by OSEEGIB employees to OSEEGIB’s members and contractors, both government and commercial, must be accurate, complete and current. The submission to a federal or state government customer of a representation, quotation, statement or certification that is false, incomplete or misleading can result in civil and/or criminal liability for OSEEGIB, the involved employee and any supervisors who condone and/or permit such an improper practice.
e. Financial Reporting and Internal Control. False or misleading entries may not be made in the financial books or employment records of OSEEGIB for any reason. No Covered Person shall engage in any actions that result in or create false or misleading entries in OSEEGIB’s books and records. All financial reports, accounting records, expense accounts, other documents must accurately and clearly represent the relevant facts or the true nature of a transaction.9
f. Maintenance of Records and Files. All Covered Persons must follow OSEEGIB’s policy regarding the retention, disposal or destruction of any OSEEGIB records or files. Laws and regulations require retention of certain OSEEGIB records for various periods of time, particularly in the Part D, tax, financial, personnel, health and safety environment, HIPAA, and contract areas. Records should always be retained or destroyed according to OSEEGIB’s record retention policies and those policies dictated by the MMA. Those policies should always be consistently adhered to. In accordance with those policies, in the event of litigation or governmental investigation, please consult OSEEGIB’s legal counsel.
g. Responsibility for Data Submitted to CMS by subcontractors. Compliance with the Compliance Program standards and all applicable laws and regulations is a condition of employment or association with OSEEGIB. OSEEGIB will pursue appropriate disciplinary action to enforce compliance. The Compliance Officer will review the Department of Health & Human Services Office of Inspector General (OIG) and General Services Administration (GSA) exclusion lists on a monthly basis to ensure that Covered Persons are not included on such lists. Any Covered Persons found on these lists shall be immediately removed from any work on all federal health care programs.
D. Remedies for Non-Compliance
Possible disciplinary action shall depend on the degree of severity of noncompliance and may include, but shall not be limited to:
a. warnings (oral);
b. reprimands (written);
c. probation;
d. demotion;
e. suspension without pay;
f. referral to counseling;
g. withholding of a promotion or salary increase or other financial penalties;
h. termination;
i. failure to renew agreements;
j. contract termination;
k. restitution of damages; and
l. referral for criminal prosecution to law enforcement agencies, CMS or MEDIC as appropriate.10
Copies of this Code of Conduct shall be distributed to all Covered Persons at the time of hire, to Governing Board Members at or before their first regular Board meeting, and when the standards are updated, and annually thereafter. As a condition of employment, OSEEGIB employees shall certify that they have received, read, and will comply with all written standards of conduct and this Compliance Program.
Disciplinary action will be pursued on a fair and equitable basis, and employees at all levels of OSEEGIB shall be subject to the same disciplinary action for the commission of similar offenses, including management. OSEEGIB’s Human Resources Director, in conjunction with the Compliance Officer and Compliance Committee, will serve as the appropriate body to ensure that the imposed discipline is proportionate and administered fairly and consistently in compliance with OSEEGIB’s policies and procedures.
Disciplinary standards shall be well-publicized and shall be disseminated and available. Enforcement of disciplinary standards will require an effective working relationship between the Compliance Officer, Human Resources and other areas of OSEEGIB maintaining primary responsibility for administering discipline.
This Compliance Program may not include all circumstances that would fall within the intent of the Compliance Program and be considered a violation that should be reported. Persons should report all suspected dishonest or illegal activities whether or not they are specifically addressed in the Compliance Program.11
PART III. Fraud, Waste and Abuse Detection, Correction, Prevention and Compliance Plan
A. Policies and Procedures
OSEEGIB is committed to policies and procedures for the detection, correction and prevention of FWA. To articulate its commitment to detect, correct and prevent FWA, OSEEGIB will:
1. maintain a commitment to comply with federal and state regulatory requirements related to the Medicare program, including but not limited to the Anti-Kickback Statute and False Claims Act. OSEEGIB will continually monitor and update its Compliance Program to incorporate any modifications to applicable standards;
2. develop procedures that establish ramifications in instances where federal or state statutes or other regulatory requirements are breached;
3. distribute OSEEGIB’s written Code of Conduct related to FWA to all Covered Persons at time of hire or contract, when the standards are updated, and annually thereafter. As a condition of employment, employees shall certify that they have received, read, and will comply with all written Code of Conduct;
4. have Covered Persons sign a statement, attestation or certification related to conflict of interest at time of hire or contract and annually thereafter;
5. maintain policies that require the review of the U. S. Department of Health & Human Services Office of Inspector General (DHHS OIG) and General Services Administration (GSA) exclusion lists on a monthly basis to ensure that its Covered Persons are not included on such lists. If the Covered Persons are on such lists, OSEEGIB’s policies shall require the immediate removal of such Covered Persons from any work on all federal health care programs;
6. describe the arrangements for identifying overpayments within its network and making repayments to the appropriate party of any overpayments;
7. establish procedures for the identification of FWA in OSEEGIB’s network;
8. maintain procedures for referring instances of potential FWA to the MEDICs for further investigation;
9. establish policies and procedures for coordinating and cooperating with MEDICs, CMS, and law enforcement, including policies that fully cooperate with any audits conducted by the above-mentioned entities;
10. establish procedures for performing data requests for MEDICs, CMS, and law enforcement;12
11. maintain policies and procedures to comply with CMS’ ten-year record retention requirement for PDPs as listed in the Federal Regulation at 42 CFR § 423.505(d) and Oklahoma’s record retention policy at 67 O. S. § 206;
12. establish policies and procedures to ensure full disclosure to CMS of all OSEEGIB’s bid pricing decisions for the PDP including clear guidance on how all decisions were documented; and
13. establish policies and procedures that maintain a commitment to legal and ethical Pharmacy & Therapeutic Committee decisions and formulary decisions.
OSEEGIB will establish procedures to ensure that it is in compliance with its contractual obligations to CMS as a PDP sponsor.
B. Responsibility for PBM
OSEEGIB is ultimately responsible for data submitted to CMS by OSEEGIB’s PBM. When the PBM submits data on behalf of OSEEGIB, the PBM, in addition to OSEEGIB, must certify to CMS regarding the accuracy, completeness, and truthfulness of the data and acknowledge that the data submitted on behalf of OSEEGIB will be used for the purposes of obtaining federal reimbursement.
C. Compliance Officer and Compliance Committees
OSEEGIB maintains a full-time Compliance Officer, an internal compliance committee comprised of OSEEGIB staff and a Regulatory Compliance Committee of the Governing Board to oversee the Compliance Program.
1. Compliance Officer
The Compliance Officer is the focal point of the Compliance Program and shall be accountable for all compliance responsibilities at OSEEGIB. The Compliance Officer shall be a full-time employee whose role shall not be split between two persons. Based upon OSEEGIB’s Compliance Officer’s scope of responsibilities, OSEEGIB’s size and resources, and the complexity of tasks, the Compliance Officer charged with the responsibilities overseeing the overall OSEEGIB Compliance Program and the Medicare Part D Compliance Plan mandated by CMS to PDP sponsors (which is incorporated into this overall Compliance Plan) shall be one and the same person.
The presence of the Compliance Officer does not diminish or alter a Covered Person’s or entity’s independent duty to abide by the Compliance Program. For example, managers and supervisors should be responsible for monitoring and promoting compliant behavior among those he or she supervises. 13
In addition to the general accountability for OSEEGIB’s Compliance Program, the Compliance Officer’s responsibilities include:
a. developing, operating and monitoring the FWA program with authority to report directly to the Governing Board or OSEEGIB’s administrator;
b. periodically assessing OSEEGIB’s compliance risk exposure and the development of action plans to assure that the Compliance Program responds to identified risk areas;
c. formulating and ensuring the distribution of the Compliance Program;
d. overseeing the establishment, distribution and maintenance of the policies and procedures necessary to support the Compliance Program;
e. ensuring that effective systems are established to prevent employment of individuals or contracting with vendors who are Excluded Individuals or Entities or who are otherwise determined to have engaged in illegal activities;
f. ensuring that compliance education and training programs are effective to familiarize all OSEEGIB’s employees with the components of the Compliance Program;
g. updating and refreshing education and training information through mandatory periodic training that addresses compliance issues related to specific departments, groups of employees or other Covered Persons;
h. coordinating internal audit endeavors to assess the effectiveness of OSEEGIB’s internal controls and to detect significant violations of legal and ethical standards;
i. maintaining a well-publicized disclosure program for reporting of potential Compliance Program violations without fear of retaliation and promoting effective lines of communication for Covered Persons, providers, members and the general public to pose informal compliance questions;
j. maintaining a record of compliance-related complaints and allegations and the disposition of each case, including any associated disciplinary actions and remedial action pursued by OSEEGIB;
k. conducting investigations, or authorizing outside investigations, in consultation with Legal Counsel, of potential violations of laws, regulations, other federal health care program requirements, or instances of unethical behavior, which jeopardize OSEEGIB;
l. evaluating, determining and implementing the most appropriate remedy to correct an incident of noncompliance, once detected, and develop and implement strategies for identifying and preventing future incidents;
m. reporting, in consultation with Legal Counsel any compliance matter requiring external reporting or disclosure;
n. making at least quarterly reports on compliance developments to the Administrator and to the Regulatory Compliance Committee, after consulting with Legal Counsel.14
o. serving as Chairperson of the Staff Compliance Committee;
p. maintaining a good working relationship with key operational areas relevant to the effective implementation of the Compliance Program, including Operations, Human Resources, Legal, Internal Audit and Finance;
q. providing guidance and interpretation to the Regulatory Compliance Committee, Governing Board, Administrator and Management, in consultation with Legal Counsel, on matters related to the Compliance Program;
r. preparing, at least annually a report describing the compliance activities and actions undertaken during the preceding year, the compliance priorities for the next year, and any recommendations for changes to the Compliance Program. This report should include input from the Staff Compliance Committee; and
s. reviewing and updating this Compliance Program at least annually, and as required by events, such as changes in the law, or discovered flaws in the Program.
2. Staff Compliance Committee
OSEEGIB shall establish a Staff Compliance Committee that is overseen by the Compliance Officer. The Compliance Committee shall be responsible for providing support to the Compliance Officer in the creation, implementation and operation of the Compliance Program. The Compliance Committee is critically important in establishing accountability, credibility, and the structure of the Compliance Program. The purpose of the Staff Compliance Committee is to allow OSEEGIB and the Compliance Officer to benefit from the combined perspectives of individuals with diverse responsibilities and experiences. Accordingly, in addition to the Compliance Officer, who will chair the Committee, the Staff Compliance Committee shall include representatives of and be attended by the following divisions:
a. Legal;
b. Internal Auditing;
c. Finance;
d. Information Technology;
e. Human Resources; and
f. Operations, Policy and Plan Design.
The Compliance Committee is authorized to invite other persons or the general public to meetings to draw from other relevant expertise related to the matter under discussion. The Staff Compliance Committee shall support the Compliance Officer in furthering the objectives of the Compliance Program by:
a. developing a structure to promote compliance of organizational functions;15
b. analyzing the legal requirements with which OSEEGIB must comply, and the specific risk areas;
c. updating and providing revisions to the Compliance Program;
d. developing effective training programs;
e. recommending and supervising, in consultation with the relevant departments and facilities, the development of internal systems and controls to achieve the standards set forth in the Compliance Program;
f. determining the appropriate strategy to promote adherence to the Compliance Program standards;
g. developing a system to solicit, evaluate and respond to complaints and problems;
h. creating and implementing effective methods for the proactive identification of potential compliance programs throughout OSEEGIB;
i. assessing the effectiveness of the Compliance Program;
j. furnishing recommendations to the Compliance Officer regarding reports to be furnished to the Administrator, the Regulatory Compliance Committee, the Governing Board, or other parties; and
k. reviewing and providing comments to the annual compliance audit plan.
The Staff Compliance Committee may also address other compliance functions as the Compliance Program develops.
The Staff Compliance Committee shall create ad hoc committees and task forces as necessary to perform specialized functions, such as conducting an investigation into reported noncompliance, in an efficient and effective manner.
Any report generated by the Compliance Officer or Compliance Committee shall be delivered to Legal Counsel for review.
3. Regulatory Compliance Committee
The Governing Board shall establish a Regulatory Compliance Committee composed of three members of the Governing Board. The Regulatory Compliance Committee shall act on behalf of the Governing Board in regard to the Compliance Program and its responsibilities. Members of the Regulatory Compliance Committee shall be appointed by the Chairman of the Governing Board on an annual basis. The Chairman of the Regulatory Compliance Committee shall be appointed by the Chairman of the Governing Board on an annual basis.16
4. Periodic Review of Compliance Program’s Effectiveness
The Compliance Officer will regularly, at least annually, review the effectiveness of the Compliance Program and make a report to the Administrator and the Regulatory Compliance Committee. The report will include any Compliance Program updates or revisions that may be needed. If a violation occurred and was not immediately detected, the Compliance Program must be reviewed with a determination of the need for modification. The Compliance Officer should analyze the situation to determine whether a flaw in the Compliance Program failed to anticipate the detected problem, or whether the Compliance Program’s procedures failed to prevent the violation.
As part of the regular review of the effectiveness of the Compliance Program, the Compliance Officer should consider other risk areas and newly developed methodologies that might be appropriate for the Compliance Program to review.
The Compliance Officer will remain educated and knowledgeable in the area of compliance. The Compliance Officer will regularly review notices and reports from the OIG to identify vulnerabilities and risk area on which the OIG (or others in the field of ethics and FWA detection) will focus in the future. The Administrator and the Governing Board will be immediately advised of any particular activities that are being reviewed by OIG related to OSEEGIB and any risks of which OSEEGIB needs to be aware.
D. Training and Education
1. General
In order to create and maintain a culture of compliance, OSEEGIB shall provide initial and continuing education for its employees on all matters set forth in this Compliance Program. Participation in the educational programs set forth in this Compliance Program shall be a condition of employment with OSEEGIB and all new employees will be trained within sixty (60) days of beginning employment. All Covered Persons shall receive a minimum of one hour annually for basic training in compliance areas.
OSEEGIB will use a variety of methods to train and educate its employees regarding the Compliance Program. These include live and videotaped presentations, distribution of written materials, including newsletters and posting information on bulletin boards, and web-based tools. In establishing educational objectives for current and future employees, OSEEGIB will determine:
a. the type of training that best suits OSEEGIB’s needs (e.g., seminars, in-service training, self-study or other programs); and
b. when the education is needed and how much each person should receive to achieve the Compliance Program’s goals.
Requirements shall be incorporated in each employee’s yearly Performance Management Process evaluation.17
All Covered Persons, other than OSEEGIB employees, shall be responsible for establishing an education and training program that encompasses potential FWA and access to OSEEGIB’s reporting of FWA. OSEEGIB’s PBM shall have training and education specifically including the Compliance Program requirements found at 42 CFR § 423.503(b)(4)(vi) and Chapter 9 of the Prescription Drug Benefit Manual located at www.cms.gov.
2. Compliance Training
Training will include information on the compliance program itself and applicable statutes and regulations. The educational programs provided by OSEEGIB shall include:
a. an overview of this Compliance Program with specific instruction on the disclosure and reporting mechanisms contained in the Compliance Program, and the duty and means by which possible violations can be reported;
b. how Part D and other OSEEGIB FWA may be identified;
c. what to do when FWA is identified;
d. an overview of state and federal laws and regulations identified in Code of Conduct and how they relate to OSEEGIB, including the roles and responsibilities of the individuals in potentially identifying areas that need to be reported for further investigation;
e. an overview of federal and state anti-discrimination and harassment laws and OSEEGIB's polices with regard to the same;
f. training on common fraudulent schemes in the health care and pharmaceutical industry as identified by CMS, the OIG, or the U. S. Department of Justice;
g. training and education on OSEEGIB's policy regarding governmental investigations and search warrants;
h. training regarding the role of each Covered Person and the consequences for OSEEGIB and the individual violating the policies;
i. the role of CMS, MEDIC and law enforcement, and cooperation with these entities in an investigation; and
j. training regarding the key risk areas in the OIG guidance and areas of particular OIG interest.
3. Documentation
OSEEGIB shall maintain documentation of all educational activities, including a record of dates, times, attendance, materials distributed and agenda for all professional and compliance training sessions in which Covered Persons participate.18
4. Compliance Reference Materials
The Compliance Officer shall maintain a library of regulatory and compliance related information and training manuals. This information includes carrier newsletters, Medicare manuals, federal regulations, Health Care Financing Administration (HCFA) interpretations, and materials published by the American Medical Association and other relevant professional societies. The Compliance Officer is also responsible for regularly disseminating new compliance information to Covered Persons.
E. Effective Lines of Communication
1. General
OSEEGIB shall have effective lines of communication to receive, record and respond to instances of potential FWA and other reports of non-compliance with these policies between the Compliance Officer, the general public, Covered Persons, Governing Board members, and members of the Compliance Committees.
The Compliance Officer is charged with the responsibility of ensuring that a clear “open door” policy between Covered Persons, members, the general public and the compliance office is established. This includes procedures to ask compliance questions or make reports of potential or actual non-compliance to the Compliance Officer. The Compliance Officer will utilize a number of communication techniques to continually update Covered Persons on compliance information. This will include the use of bulletin board(s) in common areas, email, newsletters, and OSEEGIB’s Internet and Intranet sites.
2. Effective Communication Assurance
To ensure effective communication, OSEEGIB will:
a. ensure that Covered Persons are aware that policies and procedures require Covered Persons report conduct that a reasonable person would, in good faith, believe to be fraudulent or erroneous, and that failure to do so is a violation of the Compliance Program;
b. have a simple and readily accessible procedure, developed by the Compliance Officer, to process reports of fraudulent or erroneous conduct;
c. have a process that maintains the confidentiality of the persons involved in the alleged fraudulent or erroneous conduct and the person making the allegation; and
d. ensure that there will be no retribution for reporting conduct that a reasonable person acting in good faith would have believed to be fraudulent or erroneous.
3. Methods of Reporting
All Covered Persons are required to report incidents of violations of this Compliance Program, unethical conduct, or incidents of potential FWA to the Compliance Officer.19
a. Such reports may be made to the Compliance Officer in person, in writing, or by phone. Reports shall be treated as confidential to the extent reasonably possible. There shall be no retaliation against anyone who submits a good faith report of noncompliance.
b. Reports may be made on an anonymous basis through a drop box, Internet website, or a direct telephone hotline; investigations to hot line inquiries involving potential FWA violations shall be responded to within thirty (30) days of request.
c. Published information, including outgoing greetings on “hotline” systems shall include a:
(i) description of the various methods available to report FWA;
(ii) statement that every attempt will be made to maintain confidentiality, but the confidentiality may be guaranteed if law enforcement is involved;
(iii) description of how anonymous reports may be made and how the anonymous system will allow the reporter to provide additional information (if needed) and receive status updates on the investigation; and
(iv) description of OSEEGIB’s policy on non-retaliation or retribution for reports of FWA made in good faith.
d. Any reported matters that suggest substantial violations of compliance policies, regulations, or statutes shall be documented and investigated promptly. Each report, regardless of the source, shall be assigned a control number, and a record shall be made containing the following data:
(i) the date the report was made;
(ii) the person who received the report;
(iii) the allegations;
(iv) the actions taken in response; and
(v) the name of the person making the report, if not made anonymously.
e. The Compliance Officer shall inform the Administrator and the Regulatory Compliance Committee of reported incidents of material violation, and provide the Regulatory Compliance Committee with the record of the report.
f. The Compliance Officer shall maintain all discovered or reported information in the strictest confidence and shall not disclose to any person or entity, other than the Administrator, Legal Counsel and the Regulatory Compliance Committee, any such information unless otherwise directed by the Administrator or the Regulatory Compliance Committee.20
4. Employee and Business Associate Certification
All OSEEGIB employees and Business Associates engaged by OSEEGIB shall be required, on an annual basis, to certify, on a signed and dated form, whether they are aware of any violations or potential violations of this Compliance Program, and if so, shall provide detailed information about these possible violations on the form. The form shall state:
a. that confidentiality shall be maintained as best possible, and
b. that the Covered Person has the right to meet personally with the Compliance Officer in place of completing the certification form.
5. Exit Interviews
Any employee who leaves OSEEGIB’s employ, whether voluntarily or involuntarily, shall be invited to participate in an exit interview with the Compliance Officer. The Compliance Officer shall ask the departing employee whether he or she is aware of any violations of this Compliance Program. The Compliance Officer shall document the exit interview contents thoroughly on a report.
F. Disciplinary Standards and Hiring Criteria
1. Condition of Employment
Adherence with Compliance Program standards and all applicable laws and regulations is a condition of employment or association with OSEEGIB and OSEEGIB will pursue appropriate disciplinary action to enforce compliance. The Compliance Officer will review the U. S. Department of Health and Human Services Office of the Inspector General (OIG) and General Services Administration (GSA) exclusion lists on a monthly basis to ensure that OSEEGIB’s Covered Persons are not included on such lists. Any Covered Person on these lists shall be immediately removed from any work on all federal health care programs.
2. Promotion of Standards
OSEEGIB shall, under the direction of the Compliance Officer, promote standards to well-publicized disciplinary guidelines regarding its FWA plan. This may be accomplished through:
a. the release of newsletters which explain FWA;
b. including compliance guidelines for the regular topics at staff meetings,
c. displaying posters and notices in common areas
d. e-mails,
e. other kinds of communication appropriate for OSEEGIB to communicate to the employees the scope and responsibility of the Compliance Program, and21
f. posting information about FWA and reporting methods on OSEEGIB’s Internet and Intranet web sites.
The information shall be provided to all Covered Persons.
3. Disciplinary Standards
OSEEGIB shall develop, implement and maintain a mechanism of accountability and discipline for individuals who violate any law or regulation, or any of the Compliance Program standards, in the course of their employment or association with OSEEGIB. Examples of actions or omissions that will be subject to disciplinary action include, but are not limited to:
a. violation of law or any of the Compliance Program standards;
b. failure to report a suspected or actual violation of law or the Compliance Program, or failure to cooperate fully in an investigation of alleged noncompliance;
c. lack of attention or diligence on the part of supervisory personnel that directly or indirectly leads to a violation of law or the Compliance Program;
d. direct or indirect retaliation against a Covered Person who reports through any means a violation or possible violation of law or the Compliance Program; or
e. deliberately making a false report of a violation of law or any of the Compliance Program standards.
4. Hiring Criteria
No individual who has engaged in illegal or unethical behavior and/or has been convicted of health care-related crimes shall occupy positions within OSEEGIB that involve the exercise of discretionary authority as it relates to the provision or denial of insurance benefits. Accordingly, any applicant for an employment position with OSEEGIB will be required to disclose whether the individual has ever been convicted of a crime, including crimes related to health care or has ever been sanctioned by a federal health care program. In addition, OSEEGIB will reasonably inquire into the status of each prospective employee at a minimum, pursuing the following steps:
a. conducting background checks of employees to ensure that no history of engaging in illegal or unethical behavior exists; and
b. reviewing the Exclusion List; and
c. OSEEGIB shall not knowingly employ or contract with Excluded Individuals and Entities. Accordingly, OSEEGIB has implemented procedures to immediately remove Covered Persons from any work on all federal health care programs that have been convicted or excluded from participation in federal health programs. In no instance will OSEEGIB allow a Covered Person to perform in those capacities if such person has been excluded from participation in any federal health care program.22
G. Procedures for Internal Monitoring and Auditing of Fraud, Waste and Abuse
As an integral part of its commitment to prevent FWA, OSEEGIB has developed, and shall continue to develop and refine, procedures for effective internal monitoring and auditing of FWA and Risk Assessment.
1. Internal Auditing and Monitoring
In order to detect non-compliance with the Compliance Program, OSEEGIB shall periodically monitor and audit the business activities of OSEEGIB including but not limited to the auditing of the health and pharmacy claims and other Medicare compliance audits conducted at OSEEGIB’s PBM.
Auditing and monitoring of FWA may be performed utilizing any of the following:
a. unannounced internal audits or "spot checks;"
b. examination of the performance of the Compliance Program including review of training, the compliance issues log (e.g. hotline log), investigation files, certifications for receipt of standards of conduct, and conflict of interest disclosure/attestation;
c. review of areas previously found non-compliant to determine if the corrective actions taken have fully addressed the underlying problem;
d. use of objective, independent auditors that are knowledgeable of the Medicare Part D program requirements and are not employed in the area under review; and
e. access to existing audit resources, relevant personnel, and relevant areas of operation by both internal and independent auditors.
2. Formal Auditing and Monitoring
OSEEGIB’s Internal Auditor shall collaborate with the Compliance Officer and Staff Compliance Committee in coordination of formal audits. Audits may be performed by internal or external auditors with expertise in federal and state health care statutes, regulations, and policies. The external auditor shall be independent of OSEEGIB's management and have complete access to records and personnel.
3. Informal Audits and Monitoring
Monitoring activities refer to reviews that are repeated on a regular basis during the normal course of operations. Monitoring may occur to ensure corrective actions are undertaken or when no specific problems have been identified to confirm ongoing compliance.23
4. Risk Assessment
OSEEGIB shall have a risk assessment system that determines where OSEEGIB is at risk for FWA, and prioritizes (ranks) the risks. The Compliance Officer and Staff Compliance Committee shall participate in or contribute to the risk assessment process. OSEEGIB shall have a system of ongoing monitoring and auditing that is coordinated or executed by the Compliance Officer to assess performance in, at a minimum, areas identified as being at risk. The processes used to implement the risk assessment system shall be documented and available, upon request, to CMS or MEDIC.
5. Documentation
All efforts to comply with applicable statutes and regulations shall be documented, including the fact that an audit has taken place and a description of the nature and results of the audit. Any inquiries OSEEGIB makes of third party payors or Medicare carriers regarding the claim submission process shall be documented if OSEEGIB intends to rely on the guidance.
OSEEGIB or its designee will engage in data analysis to identify patterns of aberrant and potentially abusive utilization or business practice. When data analysis reveals the potential for fraud or abuse, OSEEGIB must refer these leads promptly to the MEDIC for further investigation. Documentation of how internal monitoring and auditing for FWA, including data analysis procedures, may be requested upon CMS audit.
6. Periodic Audits
On a periodic basis as determined by the Compliance Officer, but no less than once a year, OSEEGIB shall conduct random audits to ensure claims processing accuracy and adherence to the Compliance Program. When audit results reveal areas needing additional information or education of Covered Persons, these areas will be incorporated into the training and educational system. Periodic audits shall include the following:
a. the operations of OSEEGIB’s PBM and other third party administrators;
b. claims processing (e.g. claims processing edits that will identify potential FWA at the point of sale, either prospective, retrospective or both);
c. marketing operations;
d. pricing;
e. rebates and other price concessions;
f. formulary development;
g. pharmacy & therapeutics committee;
h. CMS payment operations (e.g. “the bid,” claims data submission for payment); and24
i. testing and confirming compliance with the Part D benefit regulations and all applicable state and federal laws as well as internal policies and procedures.
7. Disclosure of Audit Results
The Internal Auditor and/or Compliance Officer shall report to the Regulatory Compliance Committee the results of any audit. The Compliance Officer, in consultation with Legal Counsel, shall determine whether corrective action is necessary. Legal Counsel will advise on matters of attorney/client privilege, disclosure, and whether OSEEGIB has any affirmative duties to report the violations and/or make restitution to members, providers, or CMS.
8. Data Analysis
OSEEGIB or its designee will engage in data analysis to identify patterns of aberrant and potentially abusive utilization. When data analysis reveals the potential for FWA within OSEEGIB’s network, OSEEGIB shall refer these leads promptly to the MEDICs for further investigation. Documentation of how internal monitoring and auditing for FWA, including data analysis procedures, shall be made by OSEEGIB which may be requested upon a CMS audit.
H. Responding to Possible or Detected Violations
1. General
OSEEGIB is committed to investigating any incident of noncompliance with the Compliance Program, significant failures to comply with applicable federal or state law, and other types of misconduct which threatens or calls into question OSEEGIB’s status as a reliable, honest, and trustworthy agency of the State of Oklahoma. Fraudulent or erroneous conduct that has been detected, but not corrected, can seriously endanger the reputation and legal PDP status of OSEEGIB. In this regard, OSEEGIB has developed internal and external audit procedures and encourages Covered Persons to report FWA on their own initiative.
2. Responding to and Correcting Potential Violations
Upon receipt of reports or reasonable indications of suspected noncompliance or FWA, the Compliance Officer, or the person to whom (s)he delegates, will investigate the allegation(s) to determine whether a material violation of applicable law or requirements of the Compliance Program has occurred.
In the event any material violation of this Compliance Program, or if any incident of fraud is determined by the Compliance Officer, the Compliance Officer shall immediately take appropriate actions, including:
a. referral of any abusive or potentially fraudulent conduct or inappropriate utilization activities, once identified via proactive data analysis or other processes, for further investigation to CMS or the MEDICs;25
b. procedures to cooperate with law enforcement and the MEDICs;
c. immediate reporting of potential violations of Federal law to the DHHS OIG or, alternatively, to appropriate law enforcement authorities;
d. identification and repayment of any overpayments to the appropriate party; and
e. removal of any Covered Persons or members who engage in fraudulent or abusive practices from any work on all federal health care programs.
3. Investigation
An investigation of a particular practice or suspected violation shall involve a review of the relevant documentation and records, interviews with staff, and analysis of applicable laws and regulations. All investigations shall be conducted under the auspices of Legal Counsel and any and all investigators, consultants or other third parties retained to participate in the investigations shall be retained through Legal Counsel.
The results of any investigations shall be thoroughly documented. Investigation records shall include a description of the investigative process, copies of interview notes and key documents, a log of individuals interviewed and documents reviewed, the results of the investigation, and any disciplinary or corrective actions taken. Precautions shall be taken to ensure that critical documents are not destroyed without permission of the Compliance Officer and approval of Legal Counsel, and are retained in accordance with statutory guidelines regarding retention.
4. Corrective Action
Corrective Action should be taken promptly following completion of the investigation. If an audit or investigation reveals a material violation of this Compliance Program, the Compliance Officer and Legal Counsel shall draft a corrective plan of action, and establish deadlines by which corrective action must take place. Possible corrective actions include, but are not limited to, refunds of any overpayment received, disciplinary actions, and reporting to federal or state authorities.
All corrective actions shall be documented, and include progress reports with respect to each error identified. Any decision whether to disclose the results of investigations or audits to federal or state authorities shall be made by the Governing Board based upon recommendations of Legal Counsel.
5. Relations with CMS, MEDIC, and Law Enforcement
It is OSEEGIB’s policy to fully cooperate with CMS, MEDIC and law enforcement. OSEEGIB shall cooperate and coordinate with MEDICs, CMS, and law enforcement as appropriate, in the following ways:
a. access shall be provided to all requested facilities and records associated in any manner with the Part D program for (ten) 10 years from the end of the final contract period or completion of an audit, whichever is later, unless specific conditions apply. This includes allowing access to any26
government auditor acting on behalf of the federal government or CMS to conduct an onsite audit at the facilities of OSEEGIB or any of its subcontractors;
b. all instances of potential or actual fraud identified within OSEEGIB’s network and/or organization must be referred to the MEDICs for further investigation and/or potential referral to law enforcement;
c. complaints received by OSEEGIB alleging or demonstrating potential fraud must be referred to the MEDICs for further investigation;
d. referrals to the MEDICs shall be documented. ;
e. OSEEGIB shall be able to furnish all information requested by the MEDICs, CMS and law enforcement, including claims data, within thirty (30) days from the date of the request unless otherwise specified; and
f. once OSEEGIB has referred a case to the MEDICs, OSEEGIB will continue to track all aspects of the case, as specified by the MEDICs and provide updates to the MEDICs as needed.
6. Government Investigations/Search Warrants
In the event a Covered Person is contacted by a governmental agency regarding OSEEGIB's business, or, if a governmental agent visits a Covered Person, the Covered Person in question shall immediately notify the Compliance Officer or Legal Counsel.
A search warrant is a legal document giving authorization to specific law enforcement officers to search a specified area and to seize specific material. The warrant must describe the material that can be seized and the places that may be searched; and must be signed by, or on behalf of, a judge or magistrate with jurisdiction over the area to be searched. In the event a law enforcement officer or government agent presents a search warrant at OSEEGIB, the following procedures shall be taken:
a. cooperate with the agents and immediately notify the Compliance Officer;
b. if for any reason the Compliance Officer cannot be reached, immediately contact the compliance reporting hotline at 405-717-8771;
c. the Compliance Officer (or designee) will immediately notify Legal Counsel and the Administrator;
d. the Administrator should become the contact person for the agents;
e. ask for identification from the agent in charge of executing the warrant, and ask for a copy of both the search warrant and the affidavit submitted to the court in order to obtain the warrant. Fax or send this information to the Compliance Officer as soon as possible;
f. it is OSEEGIB’s policy to cooperate fully with the agents. It is absolutely critical that no Covered Person interferes with the agents in any way during their search or prevents them from accessing 27
anything listed in the search warrant. Obstructing or interfering with a lawful search can constitute a serious offense;
g. the contact person should accompany the agents during the search and take notes of what they take, what they look at, to whom they talk, and what questions are asked;
h. the agents may ask Covered Persons questions during the search. Agents may present themselves at the home of a Covered Person. Covered Persons have the right to either talk to the agents or not to talk to them, except to the extent that it is necessary to talk to them to comply with the warrant. Covered Persons also have the right to consult with counsel when making that decision and to have counsel present if they decide to talk to the agents;
i. the search warrant will include an attachment listing things that can be seized and places that may be searched. If the agents try to go into areas that are not listed in the warrant, ask them to wait until legal counsel arrives. If they refuse, do not interfere, but note which agents went into areas not specified in the warrant, when this occurred, and whether they seized anything from the area;
j. agents may take original documents. Request a detailed inventory of the material the agents are taking. They are required to provide a receipt for the articles taken;
k. if the agent takes documents (including computer files), ask to make copies of those documents. Agents are not required to allow copies to be made and may refuse to do so; and
l. if the agents are looking for a document housed in a place other than those listed on the warrant, let the agents know we will be happy to comply once their search warrant has been updated. Covered Persons should not block access to any area, but do not give agents permission to search an area that is not listed on the warrant.28
This publication was printed by the Oklahoma State and Education Employees Group Insurance Board, a division of the Office of State Finance, as authorized by 74 O.S., Section 1301, et seq. 250 copies have been printed at a cost of $0.102 each. Copies have been deposited with the Publications Clearinghouse of the Oklahoma Department of Libraries.29
This page intentionally left blank.

Click tabs to swap between content that is broken into logical sections.

Fraud, Waste, and Abuse
Compliance Program
January 2012Table of Contents
Glossary of Important Terms .......................................................................................................... i
PART I. Description of the Fraud, Waste and Abuse Compliance Program ................................. 1
A. Purpose ....................................................................................................................................... 1
B. Application .................................................................................................................................. 1
C. OSEEGIB as a PDP Sponsor ........................................................................................................... 1
D. Structure ..................................................................................................................................... 2
E. Core Elements .............................................................................................................................. 2
F. Scope ........................................................................................................................................... 3
G. Limitations .................................................................................................................................. 3
PART II. Code of Conduct ............................................................................................................... 4
A. Commitment of OSEEGIB ............................................................................................................. 4
B. Appointment of Compliance Officer ............................................................................................ 4
C. Laws, Rules, Regulations and Policies .......................................................................................... 4
D. Remedies for Non-Compliance .................................................................................................... 9
PART III. Fraud, Waste and Abuse Detection, Correction, Prevention and Compliance Plan .. 11
A. Policies and Procedures ............................................................................................................. 11
B. Responsibility for PBM ............................................................................................................... 12
C. Compliance Officer and Compliance Committees ..................................................................... 12
D. Training and Education .............................................................................................................. 16
E. Effective Lines of Communication ............................................................................................. 18
F. Disciplinary Standards and Hiring Criteria ................................................................................. 20
G. Procedures for Internal Monitoring and Auditing of Fraud, Waste and Abuse ........................ 22
H. Responding to Possible or Detected Violations ........................................................................ 24 i
Glossary of Important Terms
These terms will have the following meanings throughout the Oklahoma State and Education Employees Group Insurance Board’s Compliance Program:
Audit. A formal review of compliance with internal (e.g., policies and procedures) and external (e.g., laws and regulations) standards.
Business Associate. A third party acting as a fiduciary on behalf of OSEEGIB either through contract or by law in performing a function or activity regulated by HIPAA.
CMS. Centers for Medicare and Medicaid Services, an agency under the Department of Health and Human Services.
Code of Conduct. Standards adopted by OSEEGIB stating the ethical requirements for OSEEGIB’s employees and agents, with a commitment to comply with all federal and state standards and an emphasis on preventing fraud and abuse.
Compliance Program. Standards and procedures to be followed by OSEEGIB’s employees and its agents that are reasonably capable of reducing the prospect of criminal conduct and which incorporate the seven basic components of such a program as specified by the Office of Inspector General.
Covered Persons. OSEEGIB employees or any person or entity acting as a fiduciary on behalf of OSEEGIB either through contract or by law. Covered Persons specifically include those employees and persons or entities who perform services or act in any manner for or on behalf of OSEEGIB in the administration of the Medicare Part D Prescription Drug Plan.
Excluded Individual and Entity. (See 42 USCA § 1320a-7). An individual or entity who:
a. is currently excluded, debarred, suspended, or otherwise ineligible to participate in the federal health care programs or in federal procurement or non-procurement programs; or
b. has been convicted of a criminal offense that falls within the ambit of 42 USCA § 1320a-7(a), but has not yet been excluded, debarred, suspended, or otherwise declared ineligible.
Exclusion Lists. Electronic lists of excluded individuals or entities maintained by the federal Office of Inspector General (OIG) and General Services Administration (GSA) per 42 USCA § 1320a-7.
Federal Health Care Programs. As defined in 42 U.S.C. Section 1320a-7b(f), include any plan or program that provides health care benefits to any individual, whether directly, through ii
insurance, or otherwise, which is funded directly, in whole or in part, by a United States Government or state health care program, including, but not limited to, Medicare, Medicaid, Civil Health and Medical Program for the Uniformed Services (CHAMPUS), Department of Veterans Affairs (VA), Federal Bureau of Prisons, and Indian Health Services, but excluding the Federal Covered Persons Health Benefit Program (FEHBP). This specifically includes the Medicare Part D Prescription Drug Program sponsored by OSEEGIB under contract with CMS.
FWA. Fraud, waste and abuse.
Governing Board. Eight individuals who constitute the governing body of OSEEGIB as set out in Oklahoma Statutes Title 74 § 1304.
HIPAA. The Health Insurance Portability and Accountability Act of 1996, as amended.
MEDIC. Medicare Drug Integrity Contractor working with CMS.
Management. OSEEGIB employees who hold an office of trust, authority, or command.
MMA. Medicare Prescription Drug, Improvement and Modernization Act of 2003 (P.L. 108-173).
OIG. Office of Inspector General of the United States Department of Health and Human Services.
OSEEGIB. The Oklahoma State and Education Employees Group Insurance Board, a division of the Office of State Finance, which is an agency of the State of Oklahoma.
PBM. Pharmacy Benefits Manager.
PDP. A Prescription Drug Plan as established by the MMA under Medicare Part D.
Regulatory Compliance Committee. The committee consisting of three members of the Governing Board appointed by the Chairman of the Governing Board to oversee the Compliance Program.
Staff Compliance Committee. A committee consisting of OSEEGIB employees responsible for providing support to the Compliance Officer in the creation, implementation and operation of the Compliance Program.
TPA. Third Party Administrator1
PART I. Description of the Fraud, Waste and Abuse Compliance Program
A. Purpose
The Oklahoma State and Education Employees Group Insurance Board (OSEEGIB) has adopted the Fraud, Waste and Abuse Compliance Program (Compliance Program) to reaffirm OSEEGIB’s commitment to conducting its business in full compliance with applicable statutes, regulations, federal health care program requirements including the sponsorship of a Medicare Part D Prescription Drug Plan (PDP) under contract with the Centers for Medicare and Medicaid Services (CMS), pursuant to the Medicare Prescription Drug, Improvement, and Modernization Act (MMA) as it relates to the provision or denial of insurance benefits. The Compliance Program provides a solid framework for structuring a comprehensive range of compliance activities that are designed to:
1. avoid legal and compliance problems in the first instance;
2. effectively address compliance allegations as they arise;
3. remedy the effects of noncompliance;
4. identify and remove Fraud, Waste, and Abuse (FWA);
5. provide Covered Persons and the general public with an official statement of how OSEEGIB must and will conduct business;
6. provide a coordinated reporting structure between OSEEGIB, its subcontractors, and enforcement authorities; and
7. comply with OSEEGIB’s contractual obligation to CMS as a PDP sponsor.
B. Application
The Compliance Program applies to all health, dental, life and disability plans sponsored by OSEEGIB.
C. OSEEGIB as a PDP Sponsor
OSEEGIB has contracted with CMS to sponsor a PDP exclusively for its Medicare eligible retirees and their dependents. In so doing, OSEEGIB committed to fully complying with all the terms and conditions of its contract with CMS, including the Compliance Program requirements found at 42 CFR § 423.503(b)(4)(vi), and Chapter 9 of the Prescription Drug Benefit Manual located at www.cms.gov. OSEEGIB’s commitments to CMS are included as an integral part of this Compliance Program.2
D. Structure
This Compliance Program document consists of three (3) parts:
1. Part I. Description of the Compliance Program;
2. Part II. Code of Conduct; and
3. Part III. Fraud, Waste and Abuse Detection, Correction, Prevention and Compliance Plan.
E. Core Elements
The Compliance Program reflects OSEEGIB’s good faith commitment to identify and reduce risk and FWA. It also reflects the commitment to improve internal controls, and establish standards to which OSEEGIB shall adhere. As such, OSEEGIB adopts the following principles of compliance:
1. developing and distributing a written Code of Conduct, as well as written policies and procedures that promote OSEEGIB’s commitment to compliance, to provide general and specific operational guidance, and identify specific areas of risk and FWA;
2. designating a Compliance Officer and Compliance Committee charged with the responsibility of operating and monitoring the Compliance Program, including activities relating to the detection of FWA;
3. developing, implementing, and monitoring regular, effective education and training programs for Covered Persons regarding the Compliance Program and the detection of FWA and making the general public aware of the same;
4. developing effective lines of communication between the Compliance Officer, Covered Persons and members of the Compliance Committees;
5. maintaining an effective and well-publicized disclosure program to provide guidance and receive complaints about potential Compliance Program violations and FWA without fear of retaliation;
6. developing disciplinary standards and appropriate hiring criteria to respond to allegations of improper or illegal activities, and carrying out the equitable enforcement of these standards on Covered Persons who have violated laws, regulations, PDP and other federal health care program requirements or the Compliance Program standards;
7. maintaining effective auditing and monitoring systems and protocols to evaluate OSEEGIB’s and its TPA’s compliance with laws, regulations, PDP and other federal health care program requirements and the Compliance Program standards, to assist in the prevention of Compliance Program violations, and to maintain the efficacy of the Compliance Program; and
8. investigating, responding to and preventing identified compliance problems, FWA, including establishing appropriate and coordinated corrective action measures with the assurance that 3
OSEEGIB can take appropriate corrective actions according to any circumstances or problems that may arise.
F. Scope
These Compliance Program standards shall apply to Covered Persons affiliated with OSEEGIB throughout its diverse operations. It is the responsibility of Covered Persons to be familiar and comply with all requirements of the Compliance Program that pertain to their respective areas of responsibility and recognize and avoid actions and relationships that might violate those requirements.
G. Limitations
The Compliance Program is not intended to summarize all laws and regulations applicable to OSEEGIB. This Compliance Program is a policy of OSEEGIB that will be updated periodically to assure that Covered Persons are kept informed of current legal and compliance developments in the health care industry. Any doubts whatsoever as to the appropriateness of a particular situation, whether or not the situation is described within this Compliance Program, should be submitted either to an immediate supervisor, management, OSEEGIB’s Human Resources director, OSEEGIB’s Compliance Officer, OSEEGIB’s legal counsel, OSEEGIB’s compliance toll free hot line at 1-866-381-3815, or OSEEGIB’s website at http://www.ok.gov/sib/Fraud,_Waste,_and_Abuse.html.4
PART II. Code of Conduct
A. Commitment of OSEEGIB
OSEEGIB is committed to:
1. conducting its business in accordance with the highest standards of ethical conduct;
2. conducting its business activities with integrity and in full compliance with the federal, state and local laws governing its business; and
3. complying with all federal and state regulatory requirements related to the Medicare programs, including but not limited to the Anti-Kickback Statutes and False Claims Act and the detection, correction and prevention of FWA.
This commitment applies to relationships with its members, enrollees, federal, state and local governments, vendors, competitors, auditors and all public and government bodies. Most importantly, it applies to all Covered Persons.
B. Appointment of Compliance Officer
To protect OSEEGIB’s reputation and to assure uniformity in standards of conduct, OSEEGIB has established this Code of Conduct as a part of its Compliance Program. A Compliance Officer has been appointed to:
1. implement compliance with the Compliance Program;
2. serve as a contact for Covered Persons and the general public to report any potential violations of laws, regulations or this Compliance Program; and
3. ensure appropriate action against violators of any such laws, regulations or this Compliance Program.
C. Laws, Rules, Regulations and Policies
The intent of this Compliance Program is to ensure that every Covered Person acknowledges the proper standards of conduct and conforms his or her conduct to all applicable laws, rules and regulations. OSEEGIB is committed to continually monitoring and updating its Compliance Program to incorporate any modifications to applicable standards. These laws and other standards include, but are not limited to, the following relevant concepts set out under the cited code and OSEEGIB’s cited agency policy.5
Civil and Criminal False Claims (42 U.S.C. §§ 1320a-7a & 1320a-7b). Covered Persons shall not knowingly and/or willfully make or cause to be made any false statement or representation of material fact in any claim or application for benefits under any federal health care program or health care benefit program. Covered Persons shall not knowingly present a claim to any federal health care program or health care benefit program for an item or service the person knows or should have known, was not provided, was fraudulent, or was not medically necessary. No claim for an item or service shall be submitted that is based on a code that the person knows or should know will result in greater payment than the code the person knows or should know is applicable to the item or service actually provided. Covered Persons shall not give or cause to be given any information with respect to coverage of inpatient services which that person knows is false and could influence the decision regarding when to discharge an individual from any health care facility. Covered Persons shall not offer to transfer, or transfer, any remuneration to a beneficiary under a federal health care program, that the person knows or should know is likely to influence the beneficiary to order and/or receive any item or service from a particular provider, practitioner, or supplier, for which payment may be made, in whole or in part, under a federal health care program. Remuneration includes the waiver of coinsurance and deductible amounts except as otherwise provided, and transfers of items or services for free or for less than fair market value. Examples of prohibited conduct include, but are not limited to: misrepresenting services which were rendered; falsely certifying that services were medically necessary; "up-coding"; billing for services not actually rendered; making false statements to governmental agencies about OSEEGIB’s compliance with any state or federal rules; and, failing to refund overpayments made by a federal health care program.
Anti-Kickback Act (42 U.S.C. §1320a-7b(b)) and Anti-Kickback Act of 1974 (74 O. S. 1991, § 3401, et seq. ). Covered Persons shall not knowingly and/or willfully solicit, offer to pay, pay, or receive, any remuneration, either directly or indirectly, overtly or covertly, in cash or in kind, in return for:
a. Referring an individual to a person for the furnishing, or arranging for the furnishing, of any item or service for which payment may be made, in whole or in part, under any federal health care program;
b. Purchasing, leasing, ordering, or arranging for, or recommending the purchasing, leasing, or ordering of any goods, facility, service or item for which payment may be made in whole or in part, under any federal health care program; or
c. Remuneration may include kickback payments, bribes, or rebates.
Exclusion from Federal Health Care Programs (42 USC 1320a-7). Individuals or entities convicted for a program related crime, a criminal offense relating to patient abuse or neglect, a felony offense related to health care fraud, or a felony offense related to controlled substances must be excluded from Medicare and Medicaid for a minimum of 5 years.
Ethics in Patient Referrals Act of 1989 (42 U.S.C. §1395nn). Covered Persons who have an ownership and/or compensation relationship in non-excluded entities shall not refer a patient in need of designated health services for which payment may be made under Medicare or Medicaid to such entities with which they have a financial relationship.6
Health Care Fraud (18 U.S.C. §1347). Covered Persons shall not knowingly or willfully execute or attempt to execute, a scheme or artifice to: defraud any health care benefit program; or obtain, by means of false or fraudulent pretense, representation, or promise any of the money or property owned by or under the custody or control of any health care benefit program, in connection with the delivery of, or payment for, health care benefits, items, or services.
Criminal False Statements Related to Health Care Matters (18 U.S.C. §1035). Covered Persons shall not knowingly and willfully make or use any false, fictitious, or fraudulent statements, representations, writings or documents, regarding a material fact in connection with the delivery of, or payment for, health care benefits, items or services. Covered Persons shall not knowingly and willfully falsify, conceal or cover up a material fact by any trick, scheme or device.
Federal Civil False Claims Act (31 U.S.C. §§3729-3733 as amended). Covered Persons shall not:
a. Knowingly file a false or fraudulent claim for payments to a governmental agency, or health care benefit program;
b. Knowingly use a false record or statement to obtain payment on a false or fraudulent claim from a governmental agency or health care benefit program;
c. Knowingly conceal or improperly avoid or decrease an obligation to pay or transmit money or property to a governmental agency or health care benefit program; or
d. Conspire to defraud a governmental agency or health care benefit program by attempting to have a false or fraudulent claim paid.
Examples of false or fraudulent claims include, but are not limited to, double billing, upcoding, unbundling, submitting or processing claims for items or services not provided, submitting or processing claims for items or services not medically necessary, and billing for non-covered services.
Criminal False Claims Act (18 U.S.C. § 286, §287). Covered Persons shall not knowingly make any false, fraudulent or fictitious claim against a governmental agency or health care benefit program. Conspiring to defraud a governmental agency or health care benefit program is prohibited.
Criminal Wire and Mail Fraud (18 U.S.C. §1341, §1343). Covered Persons shall not devise and/or implement a scheme to defraud a governmental agency or health care benefit program, which uses the U.S. Postal Service, private postal carriers or telephone lines to perpetrate the fraud.
Criminal False Statement Act (18 U.S.C. §1001). Covered Persons shall not knowingly and willfully falsify or make any fraudulent, false or fictitious statement against a governmental agency or health care benefit program.
Theft or Embezzlement in Connection with Health Care (18 U.S.C. §669). Covered Persons shall not embezzle, steal or otherwise, without authority, convert to the benefit of another person, or intentionally misapply money, funds, securities, premiums, credits, property, or other assets of a health care benefit program.7
Obstruction of Criminal Investigations of Health Care Offenses (18 U.S.C. §1518). Covered Persons shall not willfully prevent, obstruct, mislead, delay, or attempt to prevent, obstruct, mislead or delay the communication of information or records relating to a violation of a federal health care offense to a criminal investigator.
Criminal Conspiracy (18 U.S.C. §371). Covered Persons shall not conspire to defraud any governmental agency or health care benefit program in any manner or for any purpose.
RICO and Money Laundering Acts (18 U.S.C. §1956, §1961 et. seq.). Covered Persons shall not use any income obtained from mail or wire fraud to operate any enterprise. In addition, Covered Persons shall not use the proceeds of wire or mail fraud in financial transactions, which promote the underlying fraud.
Equal Employment Opportunity and Affirmative Action (OSEEGIB Agency Policy 004). OSEEGIB’s policy is to continuously provide equal employment and advancement opportunities in all job classifications without regard to political opinion or affiliation, race creed, gender, age, color, national origin, or physical handicap, so long as the physical handicap does not render the person unable to perform the essential functions of the job, with or without an accommodation, for which he/she is employed.
Confidentiality and Security of Information under HIPAA, HITECH, 24 O.S. § 161, 74 O.S. § 1322 and OSEEGIB Policy 102. Oklahoma Statutes, OSEEGIB Rules, HIPAA Regulations, and individual confidentiality agreements with OSEEGIB mandate that each employee, business associate, contractor, intern, or anyone with access to employee or member confidential information protect the privacy and confidentiality of that information and not release that information without written consent, subpoena or court order. Covered Persons must report disclosures of confidential information immediately to employees’ supervisors (if applicable) and OSEEGIB’s Compliance Officer. OSEEGIB’s Compliance Officer will determine what additional action should be taken.
Drug/Alcohol Free Workplace (OSEEGIB Policy 502). All OSEEGIB employees are prohibited from unlawfully manufacturing, distributing, dispensing, processing, and/or using drug/alcohol controlled substances in or on all state government facilities, property or workplaces, or while conducting business for OSEEGIB.
Ethical Conduct at 74 O. S. § 1305(5) and OSEEGIB Policy 504. During working and non-working hours, all agency personnel will ensure that their actions, activities and conduct are in accordance with the ethical requirements of all laws, rules, regulations, and policies applicable to the agency which governs the ethical conduct of agency employees. No agency employee shall solicit, agree to accept, or accept any bribe, gratuity, favor, or anything of value given, offered, or promised for the purpose of influencing their official act, decision, or judgment; or that may have the appearance of such actions.
No personal business is to be conducted by any employee during working hours or at any other time in Agency offices. State telephones, vehicles, calculators, computers, word processors, copiers, supplies, office space or any other equipment or facilities provided by the State for the business of the Agency shall not be used for personal business by Covered Persons, relatives, friends or associates.8
Sexual Harassment (OSEEGIB Policy 507). Sexual harassment is discrimination on the basis of gender (sex). It includes, but is not limited to, unwelcome sexual advances, requests for sexual favors, or other verbal or physical conduct of a sexual nature. No officer or employee of any agency shall permit or engage in sexual harassment. OSEEGIB has a zero tolerance standard for sexual harassment in the work place. This includes agency employees, TPAs, vendors, or other consultants and outside contractors.
Workplace Violence (OSEEGIB Agency Policy 514). OSEEGIB prohibits violent acts or any conduct that may lead to violence, by any agency employee, guest, member or third party contractor.
Additionally:
a. Covered Persons must not cause another Covered Person, entity or general public to violate these standards, whether through inducement, suggestion or coercion.
b. Conflict of Interest. Covered Persons must certify that there is no conflict of interest. Certification is required at time of hire or contract, and annually thereafter.
c. Marketing and Member Service Activities. It is OSEEGIB’s policy to offer only honest, straightforward, fully informative and nondeceptive information when conducting marketing activities. It is in the best interests of members, OSEEGIB and payers alike, for members, physicians, pharmacists, dentists, insurance coordinators, and other referral sources to understand fully the benefits offered by OSEEGIB, and the potential financial consequences if OSEEGIB’s
a. Benefits are selected. Therefore, Covered Persons shall not distort the truth, make false claims, engage in fraudulent comparative analysis or attack or disparage another health, dental or pharmacy plan. OSEEGIB monitors marketing activities that involve the distribution of promotional materials to members or third parties that may have monetary value to evaluate compliance with the relevant policies.
d. Contract Negotiation. OSEEGIB has an affirmative duty to disclose current, accurate and complete cost and pricing data where such data is required under appropriate federal or state law or regulation. Covered Persons involved in the pricing of contract proposals or in the negotiation of a contract must ensure the accuracy, completeness and currency of all data generated and given to supervisors and other employees. Furthermore, all representations made by OSEEGIB employees to OSEEGIB’s members and contractors, both government and commercial, must be accurate, complete and current. The submission to a federal or state government customer of a representation, quotation, statement or certification that is false, incomplete or misleading can result in civil and/or criminal liability for OSEEGIB, the involved employee and any supervisors who condone and/or permit such an improper practice.
e. Financial Reporting and Internal Control. False or misleading entries may not be made in the financial books or employment records of OSEEGIB for any reason. No Covered Person shall engage in any actions that result in or create false or misleading entries in OSEEGIB’s books and records. All financial reports, accounting records, expense accounts, other documents must accurately and clearly represent the relevant facts or the true nature of a transaction.9
f. Maintenance of Records and Files. All Covered Persons must follow OSEEGIB’s policy regarding the retention, disposal or destruction of any OSEEGIB records or files. Laws and regulations require retention of certain OSEEGIB records for various periods of time, particularly in the Part D, tax, financial, personnel, health and safety environment, HIPAA, and contract areas. Records should always be retained or destroyed according to OSEEGIB’s record retention policies and those policies dictated by the MMA. Those policies should always be consistently adhered to. In accordance with those policies, in the event of litigation or governmental investigation, please consult OSEEGIB’s legal counsel.
g. Responsibility for Data Submitted to CMS by subcontractors. Compliance with the Compliance Program standards and all applicable laws and regulations is a condition of employment or association with OSEEGIB. OSEEGIB will pursue appropriate disciplinary action to enforce compliance. The Compliance Officer will review the Department of Health & Human Services Office of Inspector General (OIG) and General Services Administration (GSA) exclusion lists on a monthly basis to ensure that Covered Persons are not included on such lists. Any Covered Persons found on these lists shall be immediately removed from any work on all federal health care programs.
D. Remedies for Non-Compliance
Possible disciplinary action shall depend on the degree of severity of noncompliance and may include, but shall not be limited to:
a. warnings (oral);
b. reprimands (written);
c. probation;
d. demotion;
e. suspension without pay;
f. referral to counseling;
g. withholding of a promotion or salary increase or other financial penalties;
h. termination;
i. failure to renew agreements;
j. contract termination;
k. restitution of damages; and
l. referral for criminal prosecution to law enforcement agencies, CMS or MEDIC as appropriate.10
Copies of this Code of Conduct shall be distributed to all Covered Persons at the time of hire, to Governing Board Members at or before their first regular Board meeting, and when the standards are updated, and annually thereafter. As a condition of employment, OSEEGIB employees shall certify that they have received, read, and will comply with all written standards of conduct and this Compliance Program.
Disciplinary action will be pursued on a fair and equitable basis, and employees at all levels of OSEEGIB shall be subject to the same disciplinary action for the commission of similar offenses, including management. OSEEGIB’s Human Resources Director, in conjunction with the Compliance Officer and Compliance Committee, will serve as the appropriate body to ensure that the imposed discipline is proportionate and administered fairly and consistently in compliance with OSEEGIB’s policies and procedures.
Disciplinary standards shall be well-publicized and shall be disseminated and available. Enforcement of disciplinary standards will require an effective working relationship between the Compliance Officer, Human Resources and other areas of OSEEGIB maintaining primary responsibility for administering discipline.
This Compliance Program may not include all circumstances that would fall within the intent of the Compliance Program and be considered a violation that should be reported. Persons should report all suspected dishonest or illegal activities whether or not they are specifically addressed in the Compliance Program.11
PART III. Fraud, Waste and Abuse Detection, Correction, Prevention and Compliance Plan
A. Policies and Procedures
OSEEGIB is committed to policies and procedures for the detection, correction and prevention of FWA. To articulate its commitment to detect, correct and prevent FWA, OSEEGIB will:
1. maintain a commitment to comply with federal and state regulatory requirements related to the Medicare program, including but not limited to the Anti-Kickback Statute and False Claims Act. OSEEGIB will continually monitor and update its Compliance Program to incorporate any modifications to applicable standards;
2. develop procedures that establish ramifications in instances where federal or state statutes or other regulatory requirements are breached;
3. distribute OSEEGIB’s written Code of Conduct related to FWA to all Covered Persons at time of hire or contract, when the standards are updated, and annually thereafter. As a condition of employment, employees shall certify that they have received, read, and will comply with all written Code of Conduct;
4. have Covered Persons sign a statement, attestation or certification related to conflict of interest at time of hire or contract and annually thereafter;
5. maintain policies that require the review of the U. S. Department of Health & Human Services Office of Inspector General (DHHS OIG) and General Services Administration (GSA) exclusion lists on a monthly basis to ensure that its Covered Persons are not included on such lists. If the Covered Persons are on such lists, OSEEGIB’s policies shall require the immediate removal of such Covered Persons from any work on all federal health care programs;
6. describe the arrangements for identifying overpayments within its network and making repayments to the appropriate party of any overpayments;
7. establish procedures for the identification of FWA in OSEEGIB’s network;
8. maintain procedures for referring instances of potential FWA to the MEDICs for further investigation;
9. establish policies and procedures for coordinating and cooperating with MEDICs, CMS, and law enforcement, including policies that fully cooperate with any audits conducted by the above-mentioned entities;
10. establish procedures for performing data requests for MEDICs, CMS, and law enforcement;12
11. maintain policies and procedures to comply with CMS’ ten-year record retention requirement for PDPs as listed in the Federal Regulation at 42 CFR § 423.505(d) and Oklahoma’s record retention policy at 67 O. S. § 206;
12. establish policies and procedures to ensure full disclosure to CMS of all OSEEGIB’s bid pricing decisions for the PDP including clear guidance on how all decisions were documented; and
13. establish policies and procedures that maintain a commitment to legal and ethical Pharmacy & Therapeutic Committee decisions and formulary decisions.
OSEEGIB will establish procedures to ensure that it is in compliance with its contractual obligations to CMS as a PDP sponsor.
B. Responsibility for PBM
OSEEGIB is ultimately responsible for data submitted to CMS by OSEEGIB’s PBM. When the PBM submits data on behalf of OSEEGIB, the PBM, in addition to OSEEGIB, must certify to CMS regarding the accuracy, completeness, and truthfulness of the data and acknowledge that the data submitted on behalf of OSEEGIB will be used for the purposes of obtaining federal reimbursement.
C. Compliance Officer and Compliance Committees
OSEEGIB maintains a full-time Compliance Officer, an internal compliance committee comprised of OSEEGIB staff and a Regulatory Compliance Committee of the Governing Board to oversee the Compliance Program.
1. Compliance Officer
The Compliance Officer is the focal point of the Compliance Program and shall be accountable for all compliance responsibilities at OSEEGIB. The Compliance Officer shall be a full-time employee whose role shall not be split between two persons. Based upon OSEEGIB’s Compliance Officer’s scope of responsibilities, OSEEGIB’s size and resources, and the complexity of tasks, the Compliance Officer charged with the responsibilities overseeing the overall OSEEGIB Compliance Program and the Medicare Part D Compliance Plan mandated by CMS to PDP sponsors (which is incorporated into this overall Compliance Plan) shall be one and the same person.
The presence of the Compliance Officer does not diminish or alter a Covered Person’s or entity’s independent duty to abide by the Compliance Program. For example, managers and supervisors should be responsible for monitoring and promoting compliant behavior among those he or she supervises. 13
In addition to the general accountability for OSEEGIB’s Compliance Program, the Compliance Officer’s responsibilities include:
a. developing, operating and monitoring the FWA program with authority to report directly to the Governing Board or OSEEGIB’s administrator;
b. periodically assessing OSEEGIB’s compliance risk exposure and the development of action plans to assure that the Compliance Program responds to identified risk areas;
c. formulating and ensuring the distribution of the Compliance Program;
d. overseeing the establishment, distribution and maintenance of the policies and procedures necessary to support the Compliance Program;
e. ensuring that effective systems are established to prevent employment of individuals or contracting with vendors who are Excluded Individuals or Entities or who are otherwise determined to have engaged in illegal activities;
f. ensuring that compliance education and training programs are effective to familiarize all OSEEGIB’s employees with the components of the Compliance Program;
g. updating and refreshing education and training information through mandatory periodic training that addresses compliance issues related to specific departments, groups of employees or other Covered Persons;
h. coordinating internal audit endeavors to assess the effectiveness of OSEEGIB’s internal controls and to detect significant violations of legal and ethical standards;
i. maintaining a well-publicized disclosure program for reporting of potential Compliance Program violations without fear of retaliation and promoting effective lines of communication for Covered Persons, providers, members and the general public to pose informal compliance questions;
j. maintaining a record of compliance-related complaints and allegations and the disposition of each case, including any associated disciplinary actions and remedial action pursued by OSEEGIB;
k. conducting investigations, or authorizing outside investigations, in consultation with Legal Counsel, of potential violations of laws, regulations, other federal health care program requirements, or instances of unethical behavior, which jeopardize OSEEGIB;
l. evaluating, determining and implementing the most appropriate remedy to correct an incident of noncompliance, once detected, and develop and implement strategies for identifying and preventing future incidents;
m. reporting, in consultation with Legal Counsel any compliance matter requiring external reporting or disclosure;
n. making at least quarterly reports on compliance developments to the Administrator and to the Regulatory Compliance Committee, after consulting with Legal Counsel.14
o. serving as Chairperson of the Staff Compliance Committee;
p. maintaining a good working relationship with key operational areas relevant to the effective implementation of the Compliance Program, including Operations, Human Resources, Legal, Internal Audit and Finance;
q. providing guidance and interpretation to the Regulatory Compliance Committee, Governing Board, Administrator and Management, in consultation with Legal Counsel, on matters related to the Compliance Program;
r. preparing, at least annually a report describing the compliance activities and actions undertaken during the preceding year, the compliance priorities for the next year, and any recommendations for changes to the Compliance Program. This report should include input from the Staff Compliance Committee; and
s. reviewing and updating this Compliance Program at least annually, and as required by events, such as changes in the law, or discovered flaws in the Program.
2. Staff Compliance Committee
OSEEGIB shall establish a Staff Compliance Committee that is overseen by the Compliance Officer. The Compliance Committee shall be responsible for providing support to the Compliance Officer in the creation, implementation and operation of the Compliance Program. The Compliance Committee is critically important in establishing accountability, credibility, and the structure of the Compliance Program. The purpose of the Staff Compliance Committee is to allow OSEEGIB and the Compliance Officer to benefit from the combined perspectives of individuals with diverse responsibilities and experiences. Accordingly, in addition to the Compliance Officer, who will chair the Committee, the Staff Compliance Committee shall include representatives of and be attended by the following divisions:
a. Legal;
b. Internal Auditing;
c. Finance;
d. Information Technology;
e. Human Resources; and
f. Operations, Policy and Plan Design.
The Compliance Committee is authorized to invite other persons or the general public to meetings to draw from other relevant expertise related to the matter under discussion. The Staff Compliance Committee shall support the Compliance Officer in furthering the objectives of the Compliance Program by:
a. developing a structure to promote compliance of organizational functions;15
b. analyzing the legal requirements with which OSEEGIB must comply, and the specific risk areas;
c. updating and providing revisions to the Compliance Program;
d. developing effective training programs;
e. recommending and supervising, in consultation with the relevant departments and facilities, the development of internal systems and controls to achieve the standards set forth in the Compliance Program;
f. determining the appropriate strategy to promote adherence to the Compliance Program standards;
g. developing a system to solicit, evaluate and respond to complaints and problems;
h. creating and implementing effective methods for the proactive identification of potential compliance programs throughout OSEEGIB;
i. assessing the effectiveness of the Compliance Program;
j. furnishing recommendations to the Compliance Officer regarding reports to be furnished to the Administrator, the Regulatory Compliance Committee, the Governing Board, or other parties; and
k. reviewing and providing comments to the annual compliance audit plan.
The Staff Compliance Committee may also address other compliance functions as the Compliance Program develops.
The Staff Compliance Committee shall create ad hoc committees and task forces as necessary to perform specialized functions, such as conducting an investigation into reported noncompliance, in an efficient and effective manner.
Any report generated by the Compliance Officer or Compliance Committee shall be delivered to Legal Counsel for review.
3. Regulatory Compliance Committee
The Governing Board shall establish a Regulatory Compliance Committee composed of three members of the Governing Board. The Regulatory Compliance Committee shall act on behalf of the Governing Board in regard to the Compliance Program and its responsibilities. Members of the Regulatory Compliance Committee shall be appointed by the Chairman of the Governing Board on an annual basis. The Chairman of the Regulatory Compliance Committee shall be appointed by the Chairman of the Governing Board on an annual basis.16
4. Periodic Review of Compliance Program’s Effectiveness
The Compliance Officer will regularly, at least annually, review the effectiveness of the Compliance Program and make a report to the Administrator and the Regulatory Compliance Committee. The report will include any Compliance Program updates or revisions that may be needed. If a violation occurred and was not immediately detected, the Compliance Program must be reviewed with a determination of the need for modification. The Compliance Officer should analyze the situation to determine whether a flaw in the Compliance Program failed to anticipate the detected problem, or whether the Compliance Program’s procedures failed to prevent the violation.
As part of the regular review of the effectiveness of the Compliance Program, the Compliance Officer should consider other risk areas and newly developed methodologies that might be appropriate for the Compliance Program to review.
The Compliance Officer will remain educated and knowledgeable in the area of compliance. The Compliance Officer will regularly review notices and reports from the OIG to identify vulnerabilities and risk area on which the OIG (or others in the field of ethics and FWA detection) will focus in the future. The Administrator and the Governing Board will be immediately advised of any particular activities that are being reviewed by OIG related to OSEEGIB and any risks of which OSEEGIB needs to be aware.
D. Training and Education
1. General
In order to create and maintain a culture of compliance, OSEEGIB shall provide initial and continuing education for its employees on all matters set forth in this Compliance Program. Participation in the educational programs set forth in this Compliance Program shall be a condition of employment with OSEEGIB and all new employees will be trained within sixty (60) days of beginning employment. All Covered Persons shall receive a minimum of one hour annually for basic training in compliance areas.
OSEEGIB will use a variety of methods to train and educate its employees regarding the Compliance Program. These include live and videotaped presentations, distribution of written materials, including newsletters and posting information on bulletin boards, and web-based tools. In establishing educational objectives for current and future employees, OSEEGIB will determine:
a. the type of training that best suits OSEEGIB’s needs (e.g., seminars, in-service training, self-study or other programs); and
b. when the education is needed and how much each person should receive to achieve the Compliance Program’s goals.
Requirements shall be incorporated in each employee’s yearly Performance Management Process evaluation.17
All Covered Persons, other than OSEEGIB employees, shall be responsible for establishing an education and training program that encompasses potential FWA and access to OSEEGIB’s reporting of FWA. OSEEGIB’s PBM shall have training and education specifically including the Compliance Program requirements found at 42 CFR § 423.503(b)(4)(vi) and Chapter 9 of the Prescription Drug Benefit Manual located at www.cms.gov.
2. Compliance Training
Training will include information on the compliance program itself and applicable statutes and regulations. The educational programs provided by OSEEGIB shall include:
a. an overview of this Compliance Program with specific instruction on the disclosure and reporting mechanisms contained in the Compliance Program, and the duty and means by which possible violations can be reported;
b. how Part D and other OSEEGIB FWA may be identified;
c. what to do when FWA is identified;
d. an overview of state and federal laws and regulations identified in Code of Conduct and how they relate to OSEEGIB, including the roles and responsibilities of the individuals in potentially identifying areas that need to be reported for further investigation;
e. an overview of federal and state anti-discrimination and harassment laws and OSEEGIB's polices with regard to the same;
f. training on common fraudulent schemes in the health care and pharmaceutical industry as identified by CMS, the OIG, or the U. S. Department of Justice;
g. training and education on OSEEGIB's policy regarding governmental investigations and search warrants;
h. training regarding the role of each Covered Person and the consequences for OSEEGIB and the individual violating the policies;
i. the role of CMS, MEDIC and law enforcement, and cooperation with these entities in an investigation; and
j. training regarding the key risk areas in the OIG guidance and areas of particular OIG interest.
3. Documentation
OSEEGIB shall maintain documentation of all educational activities, including a record of dates, times, attendance, materials distributed and agenda for all professional and compliance training sessions in which Covered Persons participate.18
4. Compliance Reference Materials
The Compliance Officer shall maintain a library of regulatory and compliance related information and training manuals. This information includes carrier newsletters, Medicare manuals, federal regulations, Health Care Financing Administration (HCFA) interpretations, and materials published by the American Medical Association and other relevant professional societies. The Compliance Officer is also responsible for regularly disseminating new compliance information to Covered Persons.
E. Effective Lines of Communication
1. General
OSEEGIB shall have effective lines of communication to receive, record and respond to instances of potential FWA and other reports of non-compliance with these policies between the Compliance Officer, the general public, Covered Persons, Governing Board members, and members of the Compliance Committees.
The Compliance Officer is charged with the responsibility of ensuring that a clear “open door” policy between Covered Persons, members, the general public and the compliance office is established. This includes procedures to ask compliance questions or make reports of potential or actual non-compliance to the Compliance Officer. The Compliance Officer will utilize a number of communication techniques to continually update Covered Persons on compliance information. This will include the use of bulletin board(s) in common areas, email, newsletters, and OSEEGIB’s Internet and Intranet sites.
2. Effective Communication Assurance
To ensure effective communication, OSEEGIB will:
a. ensure that Covered Persons are aware that policies and procedures require Covered Persons report conduct that a reasonable person would, in good faith, believe to be fraudulent or erroneous, and that failure to do so is a violation of the Compliance Program;
b. have a simple and readily accessible procedure, developed by the Compliance Officer, to process reports of fraudulent or erroneous conduct;
c. have a process that maintains the confidentiality of the persons involved in the alleged fraudulent or erroneous conduct and the person making the allegation; and
d. ensure that there will be no retribution for reporting conduct that a reasonable person acting in good faith would have believed to be fraudulent or erroneous.
3. Methods of Reporting
All Covered Persons are required to report incidents of violations of this Compliance Program, unethical conduct, or incidents of potential FWA to the Compliance Officer.19
a. Such reports may be made to the Compliance Officer in person, in writing, or by phone. Reports shall be treated as confidential to the extent reasonably possible. There shall be no retaliation against anyone who submits a good faith report of noncompliance.
b. Reports may be made on an anonymous basis through a drop box, Internet website, or a direct telephone hotline; investigations to hot line inquiries involving potential FWA violations shall be responded to within thirty (30) days of request.
c. Published information, including outgoing greetings on “hotline” systems shall include a:
(i) description of the various methods available to report FWA;
(ii) statement that every attempt will be made to maintain confidentiality, but the confidentiality may be guaranteed if law enforcement is involved;
(iii) description of how anonymous reports may be made and how the anonymous system will allow the reporter to provide additional information (if needed) and receive status updates on the investigation; and
(iv) description of OSEEGIB’s policy on non-retaliation or retribution for reports of FWA made in good faith.
d. Any reported matters that suggest substantial violations of compliance policies, regulations, or statutes shall be documented and investigated promptly. Each report, regardless of the source, shall be assigned a control number, and a record shall be made containing the following data:
(i) the date the report was made;
(ii) the person who received the report;
(iii) the allegations;
(iv) the actions taken in response; and
(v) the name of the person making the report, if not made anonymously.
e. The Compliance Officer shall inform the Administrator and the Regulatory Compliance Committee of reported incidents of material violation, and provide the Regulatory Compliance Committee with the record of the report.
f. The Compliance Officer shall maintain all discovered or reported information in the strictest confidence and shall not disclose to any person or entity, other than the Administrator, Legal Counsel and the Regulatory Compliance Committee, any such information unless otherwise directed by the Administrator or the Regulatory Compliance Committee.20
4. Employee and Business Associate Certification
All OSEEGIB employees and Business Associates engaged by OSEEGIB shall be required, on an annual basis, to certify, on a signed and dated form, whether they are aware of any violations or potential violations of this Compliance Program, and if so, shall provide detailed information about these possible violations on the form. The form shall state:
a. that confidentiality shall be maintained as best possible, and
b. that the Covered Person has the right to meet personally with the Compliance Officer in place of completing the certification form.
5. Exit Interviews
Any employee who leaves OSEEGIB’s employ, whether voluntarily or involuntarily, shall be invited to participate in an exit interview with the Compliance Officer. The Compliance Officer shall ask the departing employee whether he or she is aware of any violations of this Compliance Program. The Compliance Officer shall document the exit interview contents thoroughly on a report.
F. Disciplinary Standards and Hiring Criteria
1. Condition of Employment
Adherence with Compliance Program standards and all applicable laws and regulations is a condition of employment or association with OSEEGIB and OSEEGIB will pursue appropriate disciplinary action to enforce compliance. The Compliance Officer will review the U. S. Department of Health and Human Services Office of the Inspector General (OIG) and General Services Administration (GSA) exclusion lists on a monthly basis to ensure that OSEEGIB’s Covered Persons are not included on such lists. Any Covered Person on these lists shall be immediately removed from any work on all federal health care programs.
2. Promotion of Standards
OSEEGIB shall, under the direction of the Compliance Officer, promote standards to well-publicized disciplinary guidelines regarding its FWA plan. This may be accomplished through:
a. the release of newsletters which explain FWA;
b. including compliance guidelines for the regular topics at staff meetings,
c. displaying posters and notices in common areas
d. e-mails,
e. other kinds of communication appropriate for OSEEGIB to communicate to the employees the scope and responsibility of the Compliance Program, and21
f. posting information about FWA and reporting methods on OSEEGIB’s Internet and Intranet web sites.
The information shall be provided to all Covered Persons.
3. Disciplinary Standards
OSEEGIB shall develop, implement and maintain a mechanism of accountability and discipline for individuals who violate any law or regulation, or any of the Compliance Program standards, in the course of their employment or association with OSEEGIB. Examples of actions or omissions that will be subject to disciplinary action include, but are not limited to:
a. violation of law or any of the Compliance Program standards;
b. failure to report a suspected or actual violation of law or the Compliance Program, or failure to cooperate fully in an investigation of alleged noncompliance;
c. lack of attention or diligence on the part of supervisory personnel that directly or indirectly leads to a violation of law or the Compliance Program;
d. direct or indirect retaliation against a Covered Person who reports through any means a violation or possible violation of law or the Compliance Program; or
e. deliberately making a false report of a violation of law or any of the Compliance Program standards.
4. Hiring Criteria
No individual who has engaged in illegal or unethical behavior and/or has been convicted of health care-related crimes shall occupy positions within OSEEGIB that involve the exercise of discretionary authority as it relates to the provision or denial of insurance benefits. Accordingly, any applicant for an employment position with OSEEGIB will be required to disclose whether the individual has ever been convicted of a crime, including crimes related to health care or has ever been sanctioned by a federal health care program. In addition, OSEEGIB will reasonably inquire into the status of each prospective employee at a minimum, pursuing the following steps:
a. conducting background checks of employees to ensure that no history of engaging in illegal or unethical behavior exists; and
b. reviewing the Exclusion List; and
c. OSEEGIB shall not knowingly employ or contract with Excluded Individuals and Entities. Accordingly, OSEEGIB has implemented procedures to immediately remove Covered Persons from any work on all federal health care programs that have been convicted or excluded from participation in federal health programs. In no instance will OSEEGIB allow a Covered Person to perform in those capacities if such person has been excluded from participation in any federal health care program.22
G. Procedures for Internal Monitoring and Auditing of Fraud, Waste and Abuse
As an integral part of its commitment to prevent FWA, OSEEGIB has developed, and shall continue to develop and refine, procedures for effective internal monitoring and auditing of FWA and Risk Assessment.
1. Internal Auditing and Monitoring
In order to detect non-compliance with the Compliance Program, OSEEGIB shall periodically monitor and audit the business activities of OSEEGIB including but not limited to the auditing of the health and pharmacy claims and other Medicare compliance audits conducted at OSEEGIB’s PBM.
Auditing and monitoring of FWA may be performed utilizing any of the following:
a. unannounced internal audits or "spot checks;"
b. examination of the performance of the Compliance Program including review of training, the compliance issues log (e.g. hotline log), investigation files, certifications for receipt of standards of conduct, and conflict of interest disclosure/attestation;
c. review of areas previously found non-compliant to determine if the corrective actions taken have fully addressed the underlying problem;
d. use of objective, independent auditors that are knowledgeable of the Medicare Part D program requirements and are not employed in the area under review; and
e. access to existing audit resources, relevant personnel, and relevant areas of operation by both internal and independent auditors.
2. Formal Auditing and Monitoring
OSEEGIB’s Internal Auditor shall collaborate with the Compliance Officer and Staff Compliance Committee in coordination of formal audits. Audits may be performed by internal or external auditors with expertise in federal and state health care statutes, regulations, and policies. The external auditor shall be independent of OSEEGIB's management and have complete access to records and personnel.
3. Informal Audits and Monitoring
Monitoring activities refer to reviews that are repeated on a regular basis during the normal course of operations. Monitoring may occur to ensure corrective actions are undertaken or when no specific problems have been identified to confirm ongoing compliance.23
4. Risk Assessment
OSEEGIB shall have a risk assessment system that determines where OSEEGIB is at risk for FWA, and prioritizes (ranks) the risks. The Compliance Officer and Staff Compliance Committee shall participate in or contribute to the risk assessment process. OSEEGIB shall have a system of ongoing monitoring and auditing that is coordinated or executed by the Compliance Officer to assess performance in, at a minimum, areas identified as being at risk. The processes used to implement the risk assessment system shall be documented and available, upon request, to CMS or MEDIC.
5. Documentation
All efforts to comply with applicable statutes and regulations shall be documented, including the fact that an audit has taken place and a description of the nature and results of the audit. Any inquiries OSEEGIB makes of third party payors or Medicare carriers regarding the claim submission process shall be documented if OSEEGIB intends to rely on the guidance.
OSEEGIB or its designee will engage in data analysis to identify patterns of aberrant and potentially abusive utilization or business practice. When data analysis reveals the potential for fraud or abuse, OSEEGIB must refer these leads promptly to the MEDIC for further investigation. Documentation of how internal monitoring and auditing for FWA, including data analysis procedures, may be requested upon CMS audit.
6. Periodic Audits
On a periodic basis as determined by the Compliance Officer, but no less than once a year, OSEEGIB shall conduct random audits to ensure claims processing accuracy and adherence to the Compliance Program. When audit results reveal areas needing additional information or education of Covered Persons, these areas will be incorporated into the training and educational system. Periodic audits shall include the following:
a. the operations of OSEEGIB’s PBM and other third party administrators;
b. claims processing (e.g. claims processing edits that will identify potential FWA at the point of sale, either prospective, retrospective or both);
c. marketing operations;
d. pricing;
e. rebates and other price concessions;
f. formulary development;
g. pharmacy & therapeutics committee;
h. CMS payment operations (e.g. “the bid,” claims data submission for payment); and24
i. testing and confirming compliance with the Part D benefit regulations and all applicable state and federal laws as well as internal policies and procedures.
7. Disclosure of Audit Results
The Internal Auditor and/or Compliance Officer shall report to the Regulatory Compliance Committee the results of any audit. The Compliance Officer, in consultation with Legal Counsel, shall determine whether corrective action is necessary. Legal Counsel will advise on matters of attorney/client privilege, disclosure, and whether OSEEGIB has any affirmative duties to report the violations and/or make restitution to members, providers, or CMS.
8. Data Analysis
OSEEGIB or its designee will engage in data analysis to identify patterns of aberrant and potentially abusive utilization. When data analysis reveals the potential for FWA within OSEEGIB’s network, OSEEGIB shall refer these leads promptly to the MEDICs for further investigation. Documentation of how internal monitoring and auditing for FWA, including data analysis procedures, shall be made by OSEEGIB which may be requested upon a CMS audit.
H. Responding to Possible or Detected Violations
1. General
OSEEGIB is committed to investigating any incident of noncompliance with the Compliance Program, significant failures to comply with applicable federal or state law, and other types of misconduct which threatens or calls into question OSEEGIB’s status as a reliable, honest, and trustworthy agency of the State of Oklahoma. Fraudulent or erroneous conduct that has been detected, but not corrected, can seriously endanger the reputation and legal PDP status of OSEEGIB. In this regard, OSEEGIB has developed internal and external audit procedures and encourages Covered Persons to report FWA on their own initiative.
2. Responding to and Correcting Potential Violations
Upon receipt of reports or reasonable indications of suspected noncompliance or FWA, the Compliance Officer, or the person to whom (s)he delegates, will investigate the allegation(s) to determine whether a material violation of applicable law or requirements of the Compliance Program has occurred.
In the event any material violation of this Compliance Program, or if any incident of fraud is determined by the Compliance Officer, the Compliance Officer shall immediately take appropriate actions, including:
a. referral of any abusive or potentially fraudulent conduct or inappropriate utilization activities, once identified via proactive data analysis or other processes, for further investigation to CMS or the MEDICs;25
b. procedures to cooperate with law enforcement and the MEDICs;
c. immediate reporting of potential violations of Federal law to the DHHS OIG or, alternatively, to appropriate law enforcement authorities;
d. identification and repayment of any overpayments to the appropriate party; and
e. removal of any Covered Persons or members who engage in fraudulent or abusive practices from any work on all federal health care programs.
3. Investigation
An investigation of a particular practice or suspected violation shall involve a review of the relevant documentation and records, interviews with staff, and analysis of applicable laws and regulations. All investigations shall be conducted under the auspices of Legal Counsel and any and all investigators, consultants or other third parties retained to participate in the investigations shall be retained through Legal Counsel.
The results of any investigations shall be thoroughly documented. Investigation records shall include a description of the investigative process, copies of interview notes and key documents, a log of individuals interviewed and documents reviewed, the results of the investigation, and any disciplinary or corrective actions taken. Precautions shall be taken to ensure that critical documents are not destroyed without permission of the Compliance Officer and approval of Legal Counsel, and are retained in accordance with statutory guidelines regarding retention.
4. Corrective Action
Corrective Action should be taken promptly following completion of the investigation. If an audit or investigation reveals a material violation of this Compliance Program, the Compliance Officer and Legal Counsel shall draft a corrective plan of action, and establish deadlines by which corrective action must take place. Possible corrective actions include, but are not limited to, refunds of any overpayment received, disciplinary actions, and reporting to federal or state authorities.
All corrective actions shall be documented, and include progress reports with respect to each error identified. Any decision whether to disclose the results of investigations or audits to federal or state authorities shall be made by the Governing Board based upon recommendations of Legal Counsel.
5. Relations with CMS, MEDIC, and Law Enforcement
It is OSEEGIB’s policy to fully cooperate with CMS, MEDIC and law enforcement. OSEEGIB shall cooperate and coordinate with MEDICs, CMS, and law enforcement as appropriate, in the following ways:
a. access shall be provided to all requested facilities and records associated in any manner with the Part D program for (ten) 10 years from the end of the final contract period or completion of an audit, whichever is later, unless specific conditions apply. This includes allowing access to any26
government auditor acting on behalf of the federal government or CMS to conduct an onsite audit at the facilities of OSEEGIB or any of its subcontractors;
b. all instances of potential or actual fraud identified within OSEEGIB’s network and/or organization must be referred to the MEDICs for further investigation and/or potential referral to law enforcement;
c. complaints received by OSEEGIB alleging or demonstrating potential fraud must be referred to the MEDICs for further investigation;
d. referrals to the MEDICs shall be documented. ;
e. OSEEGIB shall be able to furnish all information requested by the MEDICs, CMS and law enforcement, including claims data, within thirty (30) days from the date of the request unless otherwise specified; and
f. once OSEEGIB has referred a case to the MEDICs, OSEEGIB will continue to track all aspects of the case, as specified by the MEDICs and provide updates to the MEDICs as needed.
6. Government Investigations/Search Warrants
In the event a Covered Person is contacted by a governmental agency regarding OSEEGIB's business, or, if a governmental agent visits a Covered Person, the Covered Person in question shall immediately notify the Compliance Officer or Legal Counsel.
A search warrant is a legal document giving authorization to specific law enforcement officers to search a specified area and to seize specific material. The warrant must describe the material that can be seized and the places that may be searched; and must be signed by, or on behalf of, a judge or magistrate with jurisdiction over the area to be searched. In the event a law enforcement officer or government agent presents a search warrant at OSEEGIB, the following procedures shall be taken:
a. cooperate with the agents and immediately notify the Compliance Officer;
b. if for any reason the Compliance Officer cannot be reached, immediately contact the compliance reporting hotline at 405-717-8771;
c. the Compliance Officer (or designee) will immediately notify Legal Counsel and the Administrator;
d. the Administrator should become the contact person for the agents;
e. ask for identification from the agent in charge of executing the warrant, and ask for a copy of both the search warrant and the affidavit submitted to the court in order to obtain the warrant. Fax or send this information to the Compliance Officer as soon as possible;
f. it is OSEEGIB’s policy to cooperate fully with the agents. It is absolutely critical that no Covered Person interferes with the agents in any way during their search or prevents them from accessing 27
anything listed in the search warrant. Obstructing or interfering with a lawful search can constitute a serious offense;
g. the contact person should accompany the agents during the search and take notes of what they take, what they look at, to whom they talk, and what questions are asked;
h. the agents may ask Covered Persons questions during the search. Agents may present themselves at the home of a Covered Person. Covered Persons have the right to either talk to the agents or not to talk to them, except to the extent that it is necessary to talk to them to comply with the warrant. Covered Persons also have the right to consult with counsel when making that decision and to have counsel present if they decide to talk to the agents;
i. the search warrant will include an attachment listing things that can be seized and places that may be searched. If the agents try to go into areas that are not listed in the warrant, ask them to wait until legal counsel arrives. If they refuse, do not interfere, but note which agents went into areas not specified in the warrant, when this occurred, and whether they seized anything from the area;
j. agents may take original documents. Request a detailed inventory of the material the agents are taking. They are required to provide a receipt for the articles taken;
k. if the agent takes documents (including computer files), ask to make copies of those documents. Agents are not required to allow copies to be made and may refuse to do so; and
l. if the agents are looking for a document housed in a place other than those listed on the warrant, let the agents know we will be happy to comply once their search warrant has been updated. Covered Persons should not block access to any area, but do not give agents permission to search an area that is not listed on the warrant.28
This publication was printed by the Oklahoma State and Education Employees Group Insurance Board, a division of the Office of State Finance, as authorized by 74 O.S., Section 1301, et seq. 250 copies have been printed at a cost of $0.102 each. Copies have been deposited with the Publications Clearinghouse of the Oklahoma Department of Libraries.29
This page intentionally left blank.